Security Advisory
CVE-2021-3991
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
An Improper Authorization vulnerability exists in Dolibarr versions prior to the develop branch. A user with restricted permissions in the Reception section is able to access specific reception details via direct URL access, bypassing the intended permission restrictions.