Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
dolibarr_project_timesheet Form cross-site request forgery
Vulnerability Description
A vulnerability was found in dolibarr_project_timesheet up to 4.5.5. It has been declared as problematic. This vulnerability affects unknown code of the component Form Handler. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. Upgrading to version 4.5.6.a is able to address this issue. The name of the patch is 082282e9dab43963e6c8f03cfaddd7921de377f4. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216880.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
dolibarr_project_timesheet 跨站请求伪造漏洞
Vulnerability Description
dolibarr_project_timesheet是Patrick Delcroix个人开发者的一个 Dolibarr 项目时间表视图。 dolibarr_project_timesheet 4.5.6.a之前版本存在跨站请求伪造漏洞,该漏洞源于组件Form Handler的未知代码存在问题,会导致跨站请求伪造。
CVSS Information
N/A
Vulnerability Type
N/A