VAPT Result: Link Manipulation DOM-BASED, Session token in URL in Odoo CE 10 how to resolve? | Odoo

Apps
Finance

Accounting

Invoicing

Expenses

Spreadsheet (BI)

Documents

Sign
Sales

CRM

Sales

POS Shop

POS Restaurant

Subscriptions

Rental
Websites

Website Builder

eCommerce

Blog

Forum

Live Chat

eLearning
Supply Chain

Inventory

Manufacturing

PLM

Purchase

Maintenance

Quality
Human Resources

Employees

Recruitment

Time Off

Appraisals

Referrals

Fleet
Marketing

Social Marketing

Email Marketing

SMS Marketing

Events

Marketing Automation

Surveys
Services

Project

Timesheets

Field Service

Helpdesk

Planning

Appointments
Productivity

Discuss

Approvals

IoT

VoIP

Knowledge

WhatsApp
Third party apps Odoo Studio Odoo Cloud Platform
Industries
Retail

Book Store

Clothing Store

Hardware Store

Toy Store

Bakery
Services

Odoo Partner

Real Estate

Talent Acquisition

Bike Leasing

Hair Salon

Property Owner Association
Hospitality

Bar and Pub

Fast Food

Fine Dining Restaurant
Health & Fitness

Fitness Center

Sports Club

Wellness Practitioners
Supply Chain

Beverage Distributor

Corporate Gifts

Custom Furniture Production

Micro Brewery
Construction

Construction

Gardening

Solar Energy
...and many more!
Browse all Industries
Community
Learn

Tutorials

Documentation

Certifications

Training

Podcast

Empower Education

Education Program

Scale Up! Business Game

Visit Odoo
Get the Software

Download

Compare Editions

Releases
Collaborate

Github

Forum

Events

Translations

Become a Partner

Register your Accounting Firm
Get Services

Find a Partner

Find an Accountant

Schedule a demo

Customer References

Implementation Services

Development Services

Support

Upgrades
Github Youtube Twitter Linkedin Instagram Facebook Spotify

+1 (650) 691-3277
Get a demo
Pricing
Contact

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Accounting
Inventory
PoS
Project management
MRP

Take the tour

All Posts People Badges

Tags (View all)

odoo v14 accounting v15 odoo16features

About this forum

VAPT Result: Link Manipulation DOM-BASED, Session token in URL in Odoo CE 10 how to resolve?

1277 Views

Good day! Have anyone encountered these two findings on Odoo CE 10 after a Vulnerability Assessment and Penetration Testing?

1. Link Manipulation DOM-BASED

2. Session token

Can you please share how we can resolve this? Is this solvable through a step of super admin configurations only or should this be fixed on a code level? Thank you in advance, will appreciate very much any ideas or answers.

Enjoying the discussion? Don't just read, join in!

Create an account today to enjoy exclusive features and engage with our awesome community!

Sign up