6 matches found
BIT-DOLIBARR-2020-13240
The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS...
BIT-DOLIBARR-2020-13239
The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS...
CVE-2023-52098
Denial of Service DoS vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability...
Denial of service
Denial of Service DoS vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability...
CVE-2023-52098
CVE-2023-52098 describes a Denial of Service (DoS) vulnerability in the DMS module. The NVD entry states a Network-based exploitation with low attack complexity and no privileges required , resulting in an impact to availability (CVSS 3.1 base 7.5, HIGH). The connected records confirm the issue i...
CVE-2023-52098
Denial of Service DoS vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability...