Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: allow malitious html to change user password, disable users and disable password encryptation. The component is: Function User password change, user disable and password encryptation. The attack vector is: admin access malitious urls.
[
{
"product": "Dolibarr",
"vendor": "Dolibarr ERP & CRM",
"versions": [
{
"status": "affected",
"version": "7.0.0"
}
]
}
]