High severity8.8NVD Advisory· Published Jul 4, 2017· Updated Jun 17, 2026
CVE-2017-10805
CVE-2017-10805
Description
In Odoo 8.0, Odoo Community Edition 9.0 and 10.0, and Odoo Enterprise Edition 9.0 and 10.0, incorrect access control on OAuth tokens in the OAuth module allows remote authenticated users to hijack OAuth sessions of other users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6cpe:2.3:a:odoo:odoo:10.0:*:*:*:community:*:*:*+ 5 more
- cpe:2.3:a:odoo:odoo:10.0:*:*:*:community:*:*:*
- cpe:2.3:a:odoo:odoo:10.0:*:*:*:enterprise:*:*:*
- cpe:2.3:a:odoo:odoo:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:odoo:odoo:9.0:*:*:*:community:*:*:*
- cpe:2.3:a:odoo:odoo:9.0:*:*:*:enterprise:*:*:*
- (no CPE)
Patches
Vulnerability mechanics
References
1- github.com/odoo/odoo/issues/17921nvdMitigationPatchThird Party Advisory
News mentions
0No linked articles in our index yet.