exploitDog

CVE-2021-44461

Опубликовано: 25 апр. 2023

Источник: nvd

CVSS3: 6.5

CVSS3: 6.1

EPSS Низкий

Описание

Cross-site scripting (XSS) issue in Accounting app of Odoo Enterprise 13.0 through 15.0, allows remote attackers who are able to control the contents of accounting journal entries to inject arbitrary web script in the browser of a victim.

Ссылки

https://github.com/odoo/odoo/issues/107686
Issue Tracking
Vendor Advisory
https://github.com/odoo/odoo/issues/107686
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:odoo:odoo:*:*:*:*:enterprise:*:*:*

Версия от 13.0 (включая) до 15.0 (включая)

EPSS

Процентиль: 55%

0.00325

Низкий

6.5 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-hjwx-mjwp-j356

CVSS3: 6.5

github

почти 3 года назад

Cross-site scripting (XSS) issue in Accounting app of Odoo Enterprise 13.0 through 15.0, allows remote attackers who are able to control the contents of accounting journal entries to inject arbitrary web script in the browser of a victim.

EPSS

Процентиль: 55%

0.00325

Низкий

6.5 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

CWE-79