Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier allows remote authenticated users to create arbitrary records via crafted payloads, which may allow privilege escalation.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Odoo 访问控制错误漏洞
Vulnerability Description
Odoo是比利时Odoo公司的一套企业资源计划(ERP)和客户关系管理(CRM)系统。该系统采用Python语言开发,PostgreSQL作为数据库,并包括销售管理、库存管理、财务管理等模块。 Odoo Community 12.0版本及之前版本和 Odoo Enterprise 12.0版本及之前版本存在访问控制错误漏洞,该漏洞源于消息路由中的不适当访问控制允许远程身份验证用户通过精心设计的有效负载创建任意记录,这可能允许权限升级。
CVSS Information
N/A
Vulnerability Type
N/A