6.1 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
42.3%
Cross-site scripting (XSS) issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, via crafted uploaded file names.
github.com/odoo/odoo/issues/107697
www.debian.org/security/2023/dsa-5399