Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
odoo odoo vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2020-29396
A sandboxing issue in Odoo Community 11.0 up to and including 13.0 and Odoo Enterprise 11.0 up to and including 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation.
Odoo Odoo
1 Github repository
NA
CVE-2021-44460
Improper access control in Odoo Community 13.0 and previous versions and Odoo Enterprise 13.0 and previous versions allows users with deactivated accounts to access the system with the deactivated account and any permission it still holds, via crafted RPC requests.
Odoo Odoo
NA
CVE-2021-44461
Cross-site scripting (XSS) issue in Accounting app of Odoo Enterprise 13.0 up to and including 15.0, allows remote attackers who are able to control the contents of accounting journal entries to inject arbitrary web script in the browser of a victim.
Odoo Odoo
NA
CVE-2021-44775
Cross-site scripting (XSS) issue in Website app of Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions, allows remote malicious users to inject arbitrary web script in the browser of a victim, by posting crafted contents.
Odoo Odoo
NA
CVE-2021-45071
Cross-site scripting (XSS) issue Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions, allows remote malicious users to inject arbitrary web script in the browser of a victim, via crafted uploaded file names.
Odoo Odoo
801
VMScore
CVE-2018-14860
Improper sanitization of dynamic user expressions in Odoo Community 11.0 and previous versions and Odoo Enterprise 11.0 and previous versions allows authenticated privileged users to escape from the dynamic expression sandbox and execute arbitrary code on the hosting system.
Odoo Odoo
605
VMScore
CVE-2019-11781
Improper input validation in portal component in Odoo Community 12.0 and previous versions and Odoo Enterprise 12.0 and previous versions, allows remote malicious users to trick victims into modifying their account via crafted links, leading to privilege escalation.
Odoo Odoo
356
VMScore
CVE-2019-11782
Improper access control in Odoo Community 14.0 and previous versions and Odoo Enterprise 14.0 and previous versions, allows remote authenticated users with access to contact management to modify user accounts, leading to privilege escalation.
Odoo Odoo
356
VMScore
CVE-2019-11783
Improper access control in mail module (channel partners) in Odoo Community 14.0 and previous versions and Odoo Enterprise 14.0 and previous versions, allows remote authenticated users to subscribe to arbitrary mail channels uninvited.
Odoo Odoo
356
VMScore
CVE-2019-11784
Improper access control in mail module (notifications) in Odoo Community 14.0 and previous versions and Odoo Enterprise 14.0 and previous versions, allows remote authenticated users to obtain access to arbitrary messages in conversations they were not a party to.
Odoo Odoo
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »