
We found results for “”
CVE-2025-56588
Good to know:


Date: September 30, 2025
Dolibarr ERP & CRM v21.0.1 were discovered to contain a remote code execution (RCE) vulnerability in the User module configuration via the computed field parameter.
Severity Score
Related Resources (6)
Severity Score
Weakness Type (CWE)
Improper Control of Generation of Code ('Code Injection')
CWE-94Top Fix

Upgrade Version
Upgrade to version https://github.com/Dolibarr/dolibarr.git - 18.0.8;https://github.com/Dolibarr/dolibarr.git - 21.0.3
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | HIGH |
Availability (A): | HIGH |