CVE-2018-14866

Published July 3rd, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

MEDIUM

Affected

PROJECT

Description

Incorrect access control in the TransientModel framework in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated attackers to access data in transient records that they do not own by making an RPC call before garbage collection occurs.

odoo/odoo

Odoo. Open Source Apps To Grow Your Business.

GitHub

52.4K