Security Advisory
CVE-2020-11825
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any users session can be used in another users session. CSRF tokens should not be valid in this situation.