Security Advisory

CVE-2023-4197

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-01 07:58:56

Last updated 2024-09-05 19:57:29

Assigner STAR_Labs

State PUBLISHED

Description

Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code.

← Browse all CVEs View on cve.org ↗