CVE-2020-13240: Dolibarr Stored Cross-site Scripting
5.4
CVSS Score
3.1
Basic Information
CVE ID
GHSA ID
EPSS Score
0.38867%
CWE
Published
5/24/2022
Updated
4/24/2024
KEV Status
No
Technology
PHP
Technical Details
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
---|---|---|---|
dolibarr/dolibarr | composer | = 11.0.4 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from improper file extension validation during rename operations in the DMS/ECM module. The core issue appears in functions handling file metadata updates: 1) The Document::rename
function is a prime candidate as it would directly handle filename
changes while lacking extension validation. 2) ECM::updateFile
is included with medium confidence as it might be responsible for persisting file metadata changes. Both would interact with the 'Setup documents directories' permission but fail to properly enforce the .noexe
protection when processing filename
modifications, enabling XSS payloads through crafted extensions.