Описание
Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| odoo | fixed | 16.0.0+dfsg.1-1 | package | |
| odoo | end-of-life | bullseye | package |
Примечания
https://github.com/odoo/odoo/issues/193854
Связанные уязвимости
CVSS3: 8.1
ubuntu
12 месяцев назад
Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users.
CVSS3: 8.1
nvd
12 месяцев назад
Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users.
CVSS3: 8.1
github
12 месяцев назад
Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users.