Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium
Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2024-31503 - Vulnerability Database
Dolibarr

Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2024-31503

High
Reference: CVE-2024-31503
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2024-31503
Title: Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability
Overview:

Incorrect access control in Dolibarr ERP CRM versions 19.0.0 and before allows authenticated attackers to steal victim users39 session cookies and CSRF protection tokens via user interaction with a crafted web page leading to account takeover.