Arbitrary Menuitem Deletion Vulnerability in Odoo Community and Enterprise 11.0 and Earlier
CVE-2018-14862 · MEDIUM Severity
AV:N/AC:L/AU:S/C:N/I:P/A:P
Incorrect access control in the mail templating system in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated internal users to delete arbitrary menuitems via a crafted RPC request.
Learn more about our Internal Network Penetration Testing.