Incorrect access control in the mail templating system in Odoo Community 11.0 and previous versions and Odoo Enterprise 11.0 and previous versions allows authenticated internal users to delete arbitrary menuitems via a crafted RPC request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
odoo odoo 10.0 |
||
odoo odoo 11.0 |
||
odoo odoo 9.0 |