Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows authenticated attackers to subscribe to receive future notifications and comments related to arbitrary business records in the system, via crafted RPC requests.
References
Link | Resource |
---|---|
https://github.com/odoo/odoo/issues/107692 | Issue Tracking Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: odoo
Published: 2023-04-25T18:33:39.776Z
Updated: 2023-04-25T18:33:39.776Z
Reserved: 2021-12-28T11:57:09.374Z
Link: CVE-2021-44465
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-04-25T19:15:09.727
Modified: 2023-05-03T14:12:22.630
Link: CVE-2021-44465
JSON object: View
Redhat Information
No data.
CWE