CVE-2019-11785

Improper access control in mail module (followers) in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to obtain access to messages posted on business records there were not given access to, and subscribe to receive future messages.
References
Link Resource
https://github.com/odoo/odoo/issues/63710 Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:odoo:odoo:*:*:*:*:community:*:*:*
cpe:2.3:a:odoo:odoo:*:*:*:*:enterprise:*:*:*

Information

Published : 2020-12-22 09:15

Updated : 2021-10-28 09:18


NVD link : CVE-2019-11785

Mitre link : CVE-2019-11785


JSON object : View

CWE
CWE-862

Missing Authorization

Advertisement

dedicated server usa

Products Affected

odoo

  • odoo