EPSS Percentile: 24.8%
dolibarr/dolibarr is vulnerable to business logic errors. An attacker can exploit this flaw by providing a negative price amount to the create function in don.class.php, which does not properly check user input for negative price amounts.
github.com/dolibarr/dolibarr/commit/d892160f4f130385a3ce520f66cb8cf2eb8c5c32
huntr.dev/bounties/ed3ed4ce-3968-433c-a350-351c8f8b60db