Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
odoo odoo 11.0 vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2018-14864
Incorrect access control in asset bundles in Odoo Community 9.0 up to and including 11.0 and previous versions and Odoo Enterprise 9.0 up to and including 11.0 and previous versions allows remote authenticated users to inject arbitrary web script via a crafted attachment.
Odoo Odoo 8.0
Odoo Odoo 9.0
Odoo Odoo 10.0
6.5
CVSSv2
CVE-2020-29396
A sandboxing issue in Odoo Community 11.0 up to and including 13.0 and Odoo Enterprise 11.0 up to and including 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation.
Odoo Odoo
1 Github repository
8.5
CVSSv2
CVE-2018-15632
Improper input validation in database creation logic in Odoo Community 11.0 and previous versions and Odoo Enterprise 11.0 and previous versions, allows remote malicious users to initialize an empty database on which they can connect with default credentials.
Odoo Odoo
9
CVSSv2
CVE-2018-14860
Improper sanitization of dynamic user expressions in Odoo Community 11.0 and previous versions and Odoo Enterprise 11.0 and previous versions allows authenticated privileged users to escape from the dynamic expression sandbox and execute arbitrary code on the hosting system.
Odoo Odoo
4.3
CVSSv2
CVE-2018-15633
Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and previous versions and Odoo Enterprise 11.0 and previous versions, allows remote malicious users to inject arbitrary web script in the browser of a victim via crafted attachment filenames.
Odoo Odoo
3.5
CVSSv2
CVE-2018-15641
Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 up to and including 14.0 and Odoo Enterprise 11.0 up to and including 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attrib...
Odoo Odoo
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2