Dolibarr Open Source ERP & CRM for Business before v14.0.1 allows malicious users to escalate privileges via a crafted API.
dolibarr dolibarr erp\\/crm