Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2018-14860

Improper sanitization of dynamic user expressions in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated privileged users to escape from the dynamic expression sandbox and execute arbitrary code on the hosting system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.024
EPSS Ranking 84.2%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 9.0
Products affected by CVE-2018-14860
  • Odoo » Odoo » Version: 10.0
    cpe:2.3:a:odoo:odoo:10.0
  • Odoo » Odoo » Version: 11.0
    cpe:2.3:a:odoo:odoo:11.0
  • Odoo » Odoo » Version: 8.0
    cpe:2.3:a:odoo:odoo:8.0
  • Odoo » Odoo » Version: 9.0
    cpe:2.3:a:odoo:odoo:9.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved