Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malitious html to change user password, disable users and disable password encryptation. The component is: Function User password change, user disable and password encryptation. The attack vector is: admin access malitious urls.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| dolibarr/dolibarr(Packagist) | N/A | N/A | N/A |
CVSS Metrics
