CVE-2021-23203

Published April 25th, 2023

View on NVD ↗

CVSS v3

7.5

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to download PDF reports for arbitrary documents, via crafted requests.

odoo/odoo

Odoo. Open Source Apps To Grow Your Business.

GitHub

52.4K