GHSA-4xc7-x2jr-cr74
Suggest an improvement- Source
- https://github.com/advisories/GHSA-4xc7-x2jr-cr74
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-4xc7-x2jr-cr74/GHSA-4xc7-x2jr-cr74.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-4xc7-x2jr-cr74
- Aliases
- Published
- 2022-02-24T00:00:52Z
- Modified
- 2023-11-08T04:07:39.184410Z
- Severity
-
- 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- Improper Authorization in dolibarr/dolibarr
- Details
-
Dolibarr allows improper access control issues in the userphoto modulepart. The impact could lead to data exposure as the attached files and documents may contain sensitive information of relevant parties such as contacts, suppliers, invoices, orders, stocks, agenda, accounting and more.
- Database specific
{ "nvd_published_at": "2022-02-23T19:15:00Z", "github_reviewed_at": "2022-03-03T22:06:43Z", "severity": "MODERATE", "github_reviewed": true, "cwe_ids": [ "CWE-639", "CWE-863" ] }- References
Affected packages
Packagist / dolibarr/dolibarr
Package
- Name
- dolibarr/dolibarr
- Purl
- pkg:composer/dolibarr/dolibarr
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed16.0
Affected versions
3.*
3.6.0-beta
3.6.0
3.6.1
3.6.2
3.6.3
3.6.4
3.6.5
3.6.6
3.7.0
3.7.1
3.7.2
3.7.3
3.7.4
3.8.0-beta
3.8.0
3.8.1
3.8.2
3.8.3
3.8.4
3.9.0-rc
3.9.0-rc2
3.9.0
3.9.1
3.9.2
3.9.3
3.9.4
4.*
4.0.0-beta
4.0.0-rc
4.0.0-rc2
4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
5.*
5.0.0-beta
5.0.0-rc1
5.0.0-rc2
5.0.0
5.0.1
5.0.2
5.0.3
5.0.4
5.0.5
5.0.6
5.0.7
6.*
6.0.0-beta
6.0.0-rc
6.0.0
6.0.1
6.0.2
6.0.3
6.0.4
6.0.5
6.0.6
6.0.7
6.0.8
7.*
7.0.0
7.0.1
7.0.2
7.0.3
7.0.4
7.0.5
8.*
8.0.0
8.0.1
8.0.2
8.0.3
8.0.4
8.0.5
8.0.6
9.*
9.0.0
9.0.1
9.0.2
9.0.3
9.0.4
10.*
10.0.0
10.0.1
10.0.2
10.0.3
10.0.4
10.0.5
10.0.6
10.0.7
11.*
11.0.0
11.0.1
11.0.2
11.0.3
11.0.4
11.0.5
12.*
12.0.0
12.0.1
12.0.2
12.0.3
12.0.4
12.0.5
13.*
13.0.0
13.0.1
13.0.2
13.0.3
13.0.4
13.0.5
14.*
14.0.0
14.0.1
14.0.2
14.0.3
14.0.4
14.0.5
15.*
15.0.0
15.0.1
15.0.2
15.0.3