CVE-2018-14859

Published: 2019-07-03T20:15Z

Last Modified: 2024-11-21T03:49Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Incorrect access control in the password reset component in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated users to reset the password of other users by being the first party to use the secure token. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt