CVE-2020-14201: Improper Privilege Management

August 21, 2020 (updated July 21, 2021)

Dolibarr CRM allows privilege escalation. This could allow remote authenticated attackers to upload arbitrary files via societe/document.php in which disabled is changed to enabled in the HTML source code.

References

nvd.nist.gov/vuln/detail/CVE-2020-14201

Code Behaviors & Features

Detect and mitigate CVE-2020-14201 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →