Summary: Product Dolibarr ERP CRM Vendor Dolibarr Severity High Affected Versions <= 17.0.3 Tested Versions 17.0.1, 17.0.3 CVE Identifier CVE-2023-4198 CVE Description Improper Access Control in Dolibarr ERP CRM v17.0.3 allows unauthorized users to read a database table containing sensitive third-party customers’ information via the ajaxcompanies.php endpoint. CWE Classification(s) CWE-862 Missing Authorization CAPEC Classification(s) CAPEC-1 Accessing Functionality Not Properly Constrained...
