Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2020-11825 - Vulnerability Database

Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability - CVE-2020-11825

High

Reference: CVE-2020-11825

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2020-11825

Title: Dolibarr Cross-Site Request Forgery (CSRF) Vulnerability

Overview:

In Dolibarr 10.0.6 forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user39s session can be used in another user39s session. CSRF tokens should not be valid in this situation.