2 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-15062
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element containing a user/card.php CSRF request in his Linked Files settings page...
CVE-2019-15062
An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an IFRAME element containing a user/card.php CSRF request in his Linked Files settings page. When visited by the admin, this could completely take over the admin account. The protection mechanism for CSRF is to check the Referer...