Detections
Analytics

CVE-2021-26263

medium

Description

Cross-site scripting (XSS) issue in Discuss app of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to inject arbitrary web script in the browser of a victim, by posting crafted contents.

References

https://www.debian.org/security/2023/dsa-5399

https://github.com/odoo/odoo/issues/107693

Details

Source: Mitre, NVD

Published: 2023-04-25

Updated: 2023-05-05

Risk Information

CVSS v2

Base Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N

Severity: Medium

CVSS v3

Base Score: 6.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Severity: Medium