CVE-2018-15631

Published: 2019-04-09T16:29Z

Last Modified: 2024-11-21T03:51Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote authenticated attackers to e-mail themselves arbitrary files from the database, via a crafted RPC request. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt