Security Advisory

CVE-2018-15641

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-22 16:25:34

Last updated 2024-08-05 10:01:54

Assigner odoo

State PUBLISHED

Description

Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes.

← Browse all CVEs View on cve.org ↗