CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-26263

Cross-site scripting (XSS) issue in Discuss app of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 27.7%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/odoo/odoo/issues/107693
https://www.debian.org/security/2023/dsa-5399
https://github.com/odoo/odoo/issues/107693
https://www.debian.org/security/2023/dsa-5399

Products affected by CVE-2021-26263

Odoo » Odoo » Version: 14.0

cpe:2.3:a:odoo:odoo:14.0
Odoo » Odoo » Version: 15.0

cpe:2.3:a:odoo:odoo:15.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-26263

Products

Pricing

Contact Us