EPSS
Percentile
58.3%
Dolibarr is vulnerable to access restriction bypass. Loading of menu manager is not handled properly, therefore allowing an attacker to bypass the restrictions via the non-alphanumeric menu parameter in core/get_menudiv.php.
core/get_menudiv.php
github.com/Dolibarr/dolibarr/commit/c1b530f58f6f01081ddbeaa2092ef308c3ec2727
sourceforge.net/projects/dolibarr/files/Dolibarr%20ERP-CRM/11.0.4/