Candidate: CVE-2019-1010054
PublicDate: 2019-07-18 13:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1010054
Description:
 Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The
 impact is: allow malitious html to change user password, disable users and
 disable password encryptation. The component is: Function User password
 change, user disable and password encryptation. The attack vector is: admin
 access malitious urls.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]


Patches_dolibarr:
upstream_dolibarr: needs-triage
precise/esm_dolibarr: DNE
trusty_dolibarr: ignored (out of standard support)
trusty/esm_dolibarr: DNE
xenial_dolibarr: ignored (end of standard support, was needs-triage)
bionic_dolibarr: DNE
focal_dolibarr: DNE
groovy_dolibarr: DNE
hirsute_dolibarr: DNE
impish_dolibarr: DNE
jammy_dolibarr: DNE
devel_dolibarr: DNE