Unrated severityNVD Advisory· Published Jun 28, 2019· Updated Aug 5, 2024
CVE-2018-14886
CVE-2018-14886
Description
The module-description renderer in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier does not disable RST's local file inclusion, which allows privileged authenticated users to read local files via a crafted module description.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Odoo/Odoo Communitydescription
Patches
Vulnerability mechanics
References
2- github.com/odoo/odoo/commits/mastermitrex_refsource_MISC
- github.com/odoo/odoo/issues/32513mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.