๐Ÿ” CVE Alert

CVE-2021-44461

MEDIUM 6.5
CVSS Score
6.5
EPSS Score
0.0%
EPSS Percentile
0th

Cross-site scripting (XSS) issue in Accounting app of Odoo Enterprise 13.0 through 15.0, allows remote attackers who are able to control the contents of accounting journal entries to inject arbitrary web script in the browser of a victim.

CWE CWE-79
Vendor odoo
Product odoo enterprise
Published Apr 25, 2023
Last Updated Aug 4, 2024
Stay Ahead of the Next One

Get instant alerts for odoo odoo enterprise

Be the first to know when new medium vulnerabilities affecting odoo odoo enterprise are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Affected Versions

Odoo / Odoo Enterprise
13.0 โ‰ค 15.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
github.com: https://github.com/odoo/odoo/issues/107686