CVE-2021-23178

Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows attackers to validate online payments with a tokenized payment method that belongs to another user, causing the victim's payment method to be charged instead...

CVE-2021-45071

Cross-site scripting XSS issue Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, via crafted uploaded file names...

CVE-2021-44547

A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to executed arbitrary code, leading to privilege escalation...

PT-2023-12114

Name of the Vulnerable Software and Affected Versions Odoo Community versions 15.0 and earlier Odoo Enterprise versions 15.0 and earlier Description The issue allows remote attackers to inject arbitrary web script in the browser of a victim via a crafted link. This is a cross-site scripting XSS...

Odoo 安全漏洞

Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in the Python language, with PostgreSQL as the database, and includes modules for sales management, inventory management, and financial management. A security...

PT-2023-12550 · Odoo · Odoo Community +1

Name of the Vulnerable Software and Affected Versions: Odoo Community versions 15.0 and earlier Odoo Enterprise versions 15.0 and earlier Description: The issue allows remote attackers to inject arbitrary web script in the browser of a victim by posting crafted contents, which is a cross-site...