CVE-2018-14868

Published: 2019-06-28T18:15Z

Last Modified: 2024-11-21T03:49Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt