CVE-2018-14866

Published: 2019-07-03T18:15Z

Last Modified: 2024-11-21T03:49Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

Incorrect access control in the TransientModel framework in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated attackers to access data in transient records that they do not own by making an RPC call before garbage collection occurs. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt