CVE-2018-15631

Published April 9th, 2019

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote authenticated attackers to e-mail themselves arbitrary files from the database, via a crafted RPC request.

odoo/odoo

Odoo. Open Source Apps To Grow Your Business.

GitHub

52.4K