CVE-2021-44775

MEDIUM6.1EPSS 0.35%

發布日:2023/4/25修改日:2026/4/28

描述

Cross-site scripting (XSS) issue in Website app of Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents.

受影響套件(2)

Bitnami/odoofrom 0, < 15.0.1
Debian/odoofrom 0, < 14.0.0+dfsg.2-7+deb11u1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

參考連結(4)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2021-44775
WEBhttps://github.com/odoo/odoo/issues/107691
WEBhttps://nvd.nist.gov/vuln/detail/CVE-2021-44775
WEBhttps://www.debian.org/security/2023/dsa-5399