Description
An Access Control vulnerability exists in the forgot-password function of Dolibarr ERP/CRM 13.0.2 (fixed in version 14.0.0) because the application allows email addresses as usernames, which can cause a Denial of Service.
Remediation
References
Related Vulnerabilities
WordPress Plugin Admin Custom Login Cross-Site Request Forgery (3.2.7)
Play Framework Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-12480)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-1455)