CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-11825

In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user's session can be used in another user's session. CSRF tokens should not be valid in this situation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 37.5%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.8

References

https://fatihhcelik.blogspot.com/2020/04/dolibarr-csrf.html
https://fatihhcelik.blogspot.com/2020/04/dolibarr-csrf.html

Products affected by CVE-2020-11825

Dolibarr » Dolibarr Erp/crm » Version: 10.0.6

cpe:2.3:a:dolibarr:dolibarr_erp/crm:10.0.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-11825

Products

Pricing

Contact Us