GHSA-W5J3-8FCR-H87W Dolibarr: OS Command Injection (RCE) via MAIN_ODT_AS_PDF configuration

Summary An authenticated administrator can execute arbitrary operating system commands by injecting a malicious payload into the MAINODTASPDF configuration constant. This vulnerability exists because the application fails to properly validate or escape the command path before passing it to the ex...

Exploit for CVE-2026-23500

CVE-2026-23500: OS Command Injection RCE via MAINODTASPDF...