Vulnerabilities

CVE-2018-14868

by Fred · 28/06/2019

Incorrect access control in the Password Encryption module in Odoo Community 9.0 and Odoo Enterprise 9.0 allows authenticated users to change the password of other users without knowing their current password via a crafted RPC call.

Date published : 2019-06-28

https://github.com/odoo/odoo/issues/32507

https://github.com/odoo/odoo/commits/master

Related

Tags: Cybersecurity Alert