CVE-2019-11784

Published December 22nd, 2020

View on NVD ↗

CVSS v3

6.5

MEDIUM

CVSS v2

MEDIUM

Affected

PROJECT

Description

Improper access control in mail module (notifications) in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users to obtain access to arbitrary messages in conversations they were not a party to.

odoo/odoo

Odoo. Open Source Apps To Grow Your Business.

GitHub

52.4K