CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-36259

Improper access control in mail module of Odoo Community 17.0 and Odoo Enterprise 17.0 allows remote authenticated attackers to extract sensitive information via an oracle-based (yes/no response) crafted attack.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 19.0%

CVSS Severity

CVSS v3 Score 7.5

References

https://github.com/odoo/odoo/issues/199330

Products affected by CVE-2024-36259

Odoo » Odoo » Version: 17.0

cpe:2.3:a:odoo:odoo:17.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-36259

Products

Pricing

Contact Us