exploitDog

CVE-2025-69634

Published: 12 Feb 2026
Source: ubuntu
Priority: medium
EPSS: Low
CVSS3: 9

Description

Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php. NOTE: this is disputed by a third party who indicates that exploitation can only occur if an unprivileged user knows the token of an admin user.

| Release | Status | Note |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | not-affected | |
| jammy | DNE | |
| noble | DNE | |
| questing | DNE | |
| upstream | needed | |

EPSS

Percentile: 17%
Score: 0.00054
Rating: Low

CVSS3

9 Critical

Related vulnerabilities

CVSS3: 9
nvd
about 2 months ago

Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php. NOTE: this is disputed by a third party who indicates that exploitation can only occur if an unprivileged user knows the token of an admin user.

CVSS3: 9
debian
about 2 months ago

Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0. ...

CVSS3: 9
github
about 2 months ago

Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0.9 allows a remote attacker to escalate privileges via the notes field in perms.php
