Improper Authorization in dolibarr/dolibarr

Moderate severity
GitHub Reviewed
Published Nov 15, 2024 to the GitHub Advisory Database • Updated Nov 19, 2024

Description

An Improper Authorization vulnerability exists in Dolibarr versions prior to 15.0.0. A user with restricted permissions in the 'Reception' section is able to access specific reception details via direct URL access, bypassing the intended permission restrictions.

Published by the National Vulnerability Database: Nov 15, 2024
Published to the GitHub Advisory Database: Nov 15, 2024
Reviewed: Nov 15, 2024
Last updated: Nov 19, 2024

References