Incorrect access control in the RPC framework in Odoo Community 8.0 up to and including 11.0 and Odoo Enterprise 9.0 up to and including 11.0 allows authenticated users to call private functions via RPC.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
odoo odoo 10.0 |
||
odoo odoo 11.0 |
||
odoo odoo 9.0 |