Published: 25/04/2023 Updated: 05/05/2023

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 0

Cross-site scripting (XSS) issue Odoo Community 15.0 and previous versions and Odoo Enterprise 15.0 and previous versions, allows remote malicious users to inject arbitrary web script in the browser of a victim, via crafted uploaded file names.

Vulnerable Product	Search on Vulmon	Subscribe to Product
odoo odoo

Debian Bug report logs - #1035953 odoo: CVE-2021-23166 CVE-2021-23176 CVE-2021-23178 CVE-2021-23186 CVE-2021-23203 CVE-2021-26263 CVE-2021-26947 CVE-2021-44476 CVE-2021-44775 CVE-2021-45071 CVE-2021-45111 Package: src:odoo; Maintainer for src:odoo is Freexian Packaging Team <team+freexian@trackerdebianorg>; Reported by: Mor ...

Several vulnerabilities were discovered in odoo, a suite of web based open source business apps CVE-2021-44775, CVE-2021-26947, CVE-2021-45071, CVE-2021-26263 XSS allowing remote attacker to inject arbitrary commands CVE-2021-45111 Incorrect access control allowing authenticated remote user to create user accounts and access restricted dat ...

CWE-79 https://github.com/odoo/odoo/issues/107697 https://www.debian.org/security/2023/dsa-5399 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035953 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5399

CVE-2021-45071

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect