Lucene search
Veracode Vulnerability DatabaseVERACODE:21318HistoryAug 19, 2019 - 8:02 a.m.
Cross-site Request Forgery (CRSF)
2019-08-1908:02:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.001 Low
EPSS
Percentile
45.6%
dolibarr is vulnerable to cross-site request forgery (CSRF). The vulnerability exists as an iframe element that contains a user/card.php CSRF request in the Linked Files settings page can be visited by an admin to cause an admin account takeover.
| CPE | Name | Operator | Version |
|---|---|---|---|
| dolibarr/dolibarr | le | 10.0.1 | |
| dolibarr/dolibarr | le | 9.0.4 | |
| dolibarr/dolibarr | le | 10.0.1 | |
| dolibarr/dolibarr | le | 9.0.4 |
Related
prion
prion
Cross site request forgery (csrf)
2019-08-14 23:15:00
cvelist
cvelist
CVE-2019-15062
2019-08-14 22:54:51
nvd
nvd
CVE-2019-15062
2019-08-14 23:15:10
osv
osv
Dolibarr Cross-Site Request Forgery (CSRF)
2022-05-24 16:53:44
github
github
Dolibarr Cross-Site Request Forgery (CSRF)
2022-05-24 16:53:44
ubuntucve
ubuntucve
CVE-2019-15062
2019-08-14 00:00:00
cve
cve
CVE-2019-15062
2019-08-14 23:15:10