CVE-2018-15631

Summary

Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote authenticated attackers to e-mail themselves arbitrary files from the database, via a crafted RPC request.

Affected Software

VendorProductVersion RangeStatus
OdooOdoo Communityunspecified <= 12.0affected
OdooOdoo Enterpriseunspecified <= 12.0affected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

References