CVE-2017-9840: Unrestricted Upload of File with Dangerous Type
(updated )
Dolibarr ERP/CRM allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context of the vulnerable application.
References
Detect and mitigate CVE-2017-9840 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →