4 matches found
CVE-2021-23178
Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows attackers to validate online payments with a tokenized payment method that belongs to another user, causing the victim's payment method to be charged instead...
CVE-2021-23178
Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows attackers to validate online payments with a tokenized payment method that belongs to another user, causing the victim's payment method to be charged instead...
CVE-2021-23178
CVE-2021-23178 affects Odoo 15.0 and earlier (Community/Enterprise). The root cause is improper access control that allows an authenticated user to validate online payments with a tokenized payment method belonging to another user, charging the victim’s payment method. Connected sources (OSV and ...
CVE-2021-23178
Improper access control in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows attackers to validate online payments with a tokenized payment method that belongs to another user, causing the victim's payment method to be charged instead...