CVE-2017-17898: Information Exposure
(updated )
Dolibarr does not block direct requests to *.tpl.php
files, which allows remote attackers to obtain sensitive information.
References
Detect and mitigate CVE-2017-17898 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →