Improper input validation in portal component in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier, allows remote attackers to trick victims into modifying their account via crafted links, leading to privilege escalation.
References
Link | Resource |
---|---|
https://github.com/odoo/odoo/issues/63706 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: odoo
Published: 2020-12-22T16:25:35
Updated: 2020-12-22T16:25:35
Reserved: 2019-05-06T00:00:00
Link: CVE-2019-11781
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-12-22T17:15:13.127
Modified: 2020-12-23T17:06:47.570
Link: CVE-2019-11781
JSON object: View
Redhat Information
No data.
CWE