Description
Dolibarr 7.0.0 is affected by Cross-Site Request Forgery (CSRF). The impact is: malicious HTML can change a user's password, disable users, and disable password encryption. The affected components are: the user password change, user disable, and password encryption functions. The attack vector is: an admin accesses malicious URLs.
Remediation
References