Описание
Incorrect access control in the portal messaging system in Odoo Community 9.0 and 10.0 and Odoo Enterprise 9.0 and 10.0 allows remote attackers to post messages on behalf of customers, and to guess document attribute values, via crafted parameters.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| odoo | not-affected | package |
Примечания
https://github.com/odoo/odoo/issues/32503
EPSS
Связанные уязвимости
Incorrect access control in the portal messaging system in Odoo Community 9.0 and 10.0 and Odoo Enterprise 9.0 and 10.0 allows remote attackers to post messages on behalf of customers, and to guess document attribute values, via crafted parameters.
Incorrect access control in the portal messaging system in Odoo Community 9.0 and 10.0 and Odoo Enterprise 9.0 and 10.0 allows remote attackers to post messages on behalf of customers, and to guess document attribute values, via crafted parameters.
EPSS