An Improper Authorization vulnerability exists in Dolibarr versions prior to the 'develop' branch. A user with restricted permissions in the 'Reception' section is able to access specific reception details via direct URL access, bypassing the intended permission restrictions.
This Cyber News was published on www.tenable.com. Publication date: Sat, 16 Nov 2024 09:11:03 +0000