Moderate severityNVD Advisory· Published Nov 15, 2024· Updated Nov 15, 2024
Improper Authorization in dolibarr/dolibarr
CVE-2021-3991
Description
An Improper Authorization vulnerability exists in Dolibarr versions prior to the 'develop' branch. A user with restricted permissions in the 'Reception' section is able to access specific reception details via direct URL access, bypassing the intended permission restrictions.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dolibarr/dolibarrPackagist | < 15.0.0 | 15.0.0 |
Affected products
3- osv-coords2 versions
< 20.0.2+ 1 more
- (no CPE)range: < 20.0.2
- (no CPE)range: < 15.0.0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.