Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, incorrect access control on OAuth tokens in the OAuth module allows remote authenticated users to hijack OAuth sessions of other users.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
多款Odoo产品Oauth模块权限许可和访问控制问题漏洞
Vulnerability Description
Odoo(前称OpenERP)等都是比利时Odoo公司的产品。Odoo是一套企业资源计划(ERP)和客户关系管理(CRM)系统;Odoo Community Edition是它的社区版;Odoo Enterprise Edition是它的企业版。OAuth module是其中的一个开放网络授权协议模块。 多款Odoo产品中的Oauth模块存在权限许可和访问控制问题漏洞,该漏洞源于程序没有正确的对OAuth令牌执行访问控制。远程攻击者可利用该漏洞劫持其他用户会话。以下产品和版本受到影响:Odoo 8.0版本
CVSS Information
N/A
Vulnerability Type
N/A