EPSS Percentile: 45.5%
Dolibarr is vulnerable to cross-site request forgery (CSRF). An iframe element containing a user/card.php CSRF request can be placed in the Linked Files settings page; when an admin visits that page, the request causes an admin account takeover.
gauravnarwani.com/publications/CVE-2019-15062/
github.com/Dolibarr/dolibarr/commit/d21e5571007d2052a6b5f80a67b6f4cac693584a
github.com/Dolibarr/dolibarr/issues/11671