Database Content Access and Modification Vulnerability in Odoo Community and Enterprise 15.0 and Earlier

CVE-2021-23186 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N

A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to access and modify database contents of other tenants, in a multi-tenant system.

Learn more about our Web Application Penetration Testing UK.