High severityNVD Advisory· Published May 6, 2020· Updated Aug 4, 2024
CVE-2020-12669
CVE-2020-12669
Description
core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dolibarr/dolibarrPackagist | < 12.0.0 | 12.0.0 |
Affected products
3- Dolibarr/Dolibarrdescription
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-rg8m-84jf-9367ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-12669ghsaADVISORY
- github.com/Dolibarr/dolibarr/commit/c1b530f58f6f01081ddbeaa2092ef308c3ec2727ghsax_refsource_MISCWEB
- sourceforge.net/projects/dolibarr/files/Dolibarr%20ERP-CRM/11.0.4ghsaWEB
- sourceforge.net/projects/dolibarr/files/Dolibarr%20ERP-CRM/11.0.4/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.