VYPR
High severity8.8NVD Advisory· Published Jul 4, 2017· Updated Jun 17, 2026

CVE-2017-10805

CVE-2017-10805

Description

In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, incorrect access control on OAuth tokens in the OAuth module allows remote authenticated users to hijack OAuth sessions of other users.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Odcms/Odoo6 versions
    cpe:2.3:a:odoo:odoo:10.0:*:*:*:community:*:*:*+ 5 more
    • cpe:2.3:a:odoo:odoo:10.0:*:*:*:community:*:*:*
    • cpe:2.3:a:odoo:odoo:10.0:*:*:*:enterprise:*:*:*
    • cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:odoo:odoo:9.0:*:*:*:community:*:*:*
    • cpe:2.3:a:odoo:odoo:9.0:*:*:*:enterprise:*:*:*
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.