CVE-2023-30253: Dolibarr vulnerable to remote code execution via uppercase manipulation
(updated )
Dolibarr before 17.0.1 allows remote code execution by an authenticated user via an uppercase manipulation: <?PHP instead of <?php in injected data.
References
Code Behaviors & Features
Detect and mitigate CVE-2023-30253 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →