Описание
Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames.
Ссылки
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
7.1 High
CVSS3
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames.
Cross-site scripting (XSS) issue in "document" module in Odoo Communit ...
Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames.
EPSS
7.1 High
CVSS3
6.1 Medium
CVSS3
4.3 Medium
CVSS2