CVE-2017-17898

Dolibarr ERP/CRM version 6.0.4 does not block direct requests to *.tpl.php files, which allows remote attackers to obtain sensitive information.
Configurations

Configuration 1 (hide)

cpe:2.3:a:dolibarr:dolibarr_erp\/crm:6.0.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2017-12-27 17:08

Updated : 2024-02-04 19:29


NVD link : CVE-2017-17898

Mitre link : CVE-2017-17898

CVE.ORG link : CVE-2017-17898


JSON object : View

Products Affected

dolibarr

  • dolibarr_erp\/crm
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor