Description
In Dolibarr 10.0.6, forms are protected against CSRF attacks with a CSRF token. The problem is that a CSRF token from any user's session is also accepted in another user's session. A CSRF token should not be valid outside the session it was issued for.
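The difference between a token that is merely "one the server issued" and a token bound to one session, as an added example (this is not Dolibarr's code; the function names, the shared pool and the arrays standing in for $_SESSION are all hypothetical and constructed for illustration):

```php
<?php
// Added illustration, not Dolibarr code. All names are hypothetical.

// Weak pattern: the check only asks "did the server issue this token?",
// not "was it issued to the session making this request?".
function issueTokenUnbound(array &$issuedPool): string {
    $token = bin2hex(random_bytes(32));
    $issuedPool[$token] = true;             // one pool shared by every session
    return $token;
}
function checkTokenUnbound(array $issuedPool, string $submitted): bool {
    return isset($issuedPool[$submitted]);  // no link to the requesting session
}

// Hardened pattern: the token lives in the session it was issued to and is
// compared against that session only, using a constant-time comparison.
function issueTokenBound(array &$session): string {
    $session['csrf_token'] = bin2hex(random_bytes(32));
    return $session['csrf_token'];
}
function checkTokenBound(array $session, string $submitted): bool {
    return isset($session['csrf_token'])
        && hash_equals($session['csrf_token'], $submitted);
}

// Constructed sample data: two independent user sessions.
$pool = [];
$sessionA = [];
$sessionB = [];

// Unbound scheme: a token issued for session A, submitted in a request
// that belongs to session B.
$tokenA = issueTokenUnbound($pool);
issueTokenUnbound($pool);
printf("unbound, A's token in B's request: %s\n",
    var_export(checkTokenUnbound($pool, $tokenA), true));

// Bound scheme: the same cross-session submission, then the legitimate one.
$boundA = issueTokenBound($sessionA);
$boundB = issueTokenBound($sessionB);
printf("bound, A's token in B's request:   %s\n",
    var_export(checkTokenBound($sessionB, $boundA), true));
printf("bound, B's token in B's request:   %s\n",
    var_export(checkTokenBound($sessionB, $boundB), true));
```

Running it with the PHP CLI prints the result of each check, which makes a useful regression test shape: issue a token in one session and assert that every other session rejects it.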
Remediation
References