2 results (0.002 seconds)
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-36259
https://notcve.org/view.php?id=CVE-2024-36259
25 Feb 2025 — Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows remote authenticated attackers to extract sensitive information via an oracle-based (yes/no response) crafted attack. • https://github.com/odoo/odoo/issues/199330 • CWE-284: Improper Access Control •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-12368
https://notcve.org/view.php?id=CVE-2024-12368
25 Feb 2025 — Improper access control in the auth_oauth module of Odoo Community 15.0 and Odoo Enterprise 15.0 allows an internal user to export the OAuth tokens of other users. • https://github.com/odoo/odoo/issues/193854 • CWE-284: Improper Access Control •