CVE-2019-11781

CVSS 6.5 MEDIUMEPSS 2.1%CWE-20

Improper input validation in portal component in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier, allows remote attackers to trick victims into modifying their account via crafted links, leading to privilege escalation.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Produtos afetados

Odoo · Odoo Community Odoo · Odoo Enterprise

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/odoo/odoo/issues/63706