High severityNVD Advisory· Published May 29, 2023· Updated Jan 14, 2025
CVE-2023-30253
CVE-2023-30253
Description
Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
dolibarr/dolibarrPackagist | < 17.0.1 | 17.0.1 |
Affected products
3- osv-coords2 versions
< 17.0.1+ 1 more
- (no CPE)range: < 17.0.1
- (no CPE)range: < 17.0.1
Patches
Vulnerability mechanics
References
6News mentions
1- Metasploit Wrap-Up 05/15/2026Rapid7 Blog · May 15, 2026