CVE-2019-11785

Improper access control in mail module (followers) in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to obtain access to messages posted on business records there were not given access to, and subscribe to receive future messages.
References
Link Resource
https://github.com/odoo/odoo/issues/63710 Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:odoo:odoo:*:*:*:*:community:*:*:*
cpe:2.3:a:odoo:odoo:*:*:*:*:enterprise:*:*:*

Information

Published : 2020-12-22 05:15

Updated : 2021-10-28 04:18


NVD link : CVE-2019-11785

Mitre link : CVE-2019-11785

Products Affected
No products.
CWE