Fluid Attacks Database

Description

Dolibarr vulnerable to privilege escalation Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows attackers to escalate privileges via a crafted API.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
packagist	dolibarr/dolibarr	>=0 <14.0.1	14.0.1

Aliases

1. CVE-2022-431382. NVD-2022-431383. OSV-2022-431384. GCVE-2022-43138

References

1. https://github.com/Dolibarr/dolibarr/commit/489cff46a37b04784d8e884af7fc2ad623bee17d2. https://www.exploit-db.com/exploits/50248