Community mailing list archives
Odoo Security Advisories: multiple advisories just disclosed!by
Olivier Dony (odo)
We have just disclosed 7 important security advisories.
Please review them carefully and make sure your on-premise Odoo installations are up-to-date.
- 2016-04a-password-export: User access to secure password hashes - Score: 4.0
- 2016-04b-user-write - Modification / Hijack of other user accounts - Score: 7.5
- 2016-07a-login-redirect - Cross-site scripting in login redirect - Score: 5.9
- 2016-07b-ogone-eval - Arbitrary code execution with Ogone transactions - Score: 7.3
- 2016-07c-unsafe-pickle - Stored remote code execution - Score: 5.9
- 2016-07d-unsafe-eval - Stored remote code execution - Score: 5.7
- 2016-07e-portal-wizard - Privilege escalation via Share Wizard - Score: 7.3