CVE-2018-14859

Published July 3rd, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

5.5

MEDIUM

Affected

PROJECT

Description

Incorrect access control in the password reset component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated users to reset the password of other users by being the first party to use the secure token.

odoo/odoo

Odoo. Open Source Apps To Grow Your Business.

GitHub

52.4K