dolibarr/dolibarr is vulnerable to session hijacking. The vulnerability is due to inadequate user session management, which allows authenticated attackers to hijack victim users’ session cookies and gain access to the CSRF protection tokens through interaction with a malicious web page, leading to account takeover.
CPE | Name | Operator | Version |
---|---|---|---|
dolibarr/dolibarr | le | 19.0.0 | |