Incorrect access control in the database manager component in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows a remote malicious user to restore a database dump without knowing the super-admin password. An arbitrary password succeeds.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
odoo odoo 10.0 |
||
odoo odoo 11.0 |