CVE-2023-30253: 
PHP vulnerability analysis and mitigation

Dolibarr before version 17.0.1 contains a remote code execution vulnerability (CVE-2023-30253) that affects authenticated users. The vulnerability was discovered in March 2023 and disclosed in May 2023. The issue affects the CMS Website plugin in Dolibarr's core functionality (Swascan Advisory, NVD).

The vulnerability allows authenticated users to execute arbitrary PHP code by manipulating the case of PHP tags, specifically using <?PHP instead of <?php in injected data. This bypass works even when PHP dynamic code is explicitly disabled for the user. The vulnerability has a CVSSv3.1 score of 8.8 (High) with the vector [AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H] and is classified as CWE-77 (Command Injection) (Swascan Advisory).

When exploited, this vulnerability allows authenticated attackers to execute arbitrary system commands on the remote system, potentially leading to complete system compromise. Even users with limited privileges who have access to the websites plugin can execute commands on the remote machine, bypassing intended security restrictions (Swascan Advisory).

The vulnerability has been fixed in Dolibarr version 17.0.1. Organizations running affected versions should upgrade to version 17.0.1 or later to mitigate this vulnerability. The fix was released on May 16, 2023 (Swascan Advisory).