6.2 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
43.0%
Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote authenticated attackers to e-mail themselves arbitrary files from the database, via a crafted RPC request.
github.com/odoo/odoo/issues/32516
www.excellium-services.com/cert-xlm-advisory/cve-2018-15631/