CVE-2023-30253

描述

Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.

受影響套件(2)

• Bitnami/dolibarrfrom 0, < 17.0.1
• Packagist/dolibarr/dolibarrfrom 0, < 17.0.1

CVSS 分數

參考連結(6)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-30253
• PATCHhttps://github.com/Dolibarr/dolibarr
• WEBhttps://www.swascan.com/blog
• WEBhttps://www.swascan.com/blog/
• WEBhttps://www.swascan.com/security-advisory-dolibarr-17-0-0
• WEBhttps://www.swascan.com/security-advisory-dolibarr-17-0-0/