AI Score
Confidence
High
EPSS
Percentile
35.1%
Dolibarr CRM before 11.0.5 allows privilege escalation. This could allow remote authenticated attackers to upload arbitrary files via societe/document.php in which “disabled” is changed to “enabled” in the HTML source code.
github.com/Dolibarr/dolibarr/blob/develop/ChangeLog
www.wizlynxgroup.com/security-research-advisories/vuln/WLX-2020-011