Privilege Defined With Unsafe Actions
CVE-2021-44547
Summary
A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to executed arbitrary code, leading to privilege escalation.
- LOW
- NETWORK
- HIGH
- CHANGED
- NONE
- HIGH
- HIGH
- HIGH
CWE-267 - Privilege Defined With Unsafe Actions
A particular privilege, role, capability, or right can be used to perform unsafe actions that were not intended, even when it is assigned to the correct entity.
References
Advisory Timeline
- Published