Description

The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.

Remediation

References

CVE-2020-7995

Related Vulnerabilities

WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (5.8.11)

WordPress 6.2.x Cross-Site Scripting (6.2 - 6.2.4)

Liferay Portal Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-28981)

WordPress Plugin RAYS Grid Cross-Site Request Forgery (1.2.2)

WordPress Plugin BuddyPress Arbitrary File Deletion (2.7.3)

Severity

Critical

Classification

CVE-2020-7995 CWE-287 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities