Security Advisory

CVE-2020-13240

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-05-20 14:57:22

Last updated 2024-08-04 12:11:19

Assigner mitre

State PUBLISHED

Description

The DMS/ECM module in Dolibarr 11.0.4 allows users with the Setup documents directories permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS.

← Browse all CVEs View on cve.org ↗