Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malicious HTML to change user password, disable users and disable password encryption. The component is: Function User password change, user disable and password encryption. The attack vector is: admin access malicious URLs.

Published : 2019-07-18 13:15 Updated : 2019-07-19 02:25

CVSS Score
Score 6.8 / 10
Vendor Product Version URI
Dolibarr Dolibarr 7.0.0 cpe:/a:dolibarr:dolibarr:7.0.0


ID Name Description Links
CWE-352 Cross-Site Request Forgery (CSRF) The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request. CVE

History of changes

Date Event
2019-07-19 02:25
2019-07-18 13:28