A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HOdoo
APPOdoo11.0 – 13.0Python
APPPython≥ 3.6.0
Related vulnerabilities
An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accep...
A sandboxing issue in Odoo Community 15.0 and Odoo Enterprise 15.0 allows authenticated administrators to exec...
The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer ove...
In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP addres...
Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote ...