CVE-2017-5871 Information

Description

Odoo Version = 8.0-20160726 and Version 9 is affected by: CWE-601: Open redirection. The impact is: obtain sensitive information (remote).

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Reference

https://sysdream.com/news/lab/2017-11-20-cve-2017-5871-odoo-url-redirection-to-distrusted-site-open-redirect/ https://sysdream.com/news/lab/2017-11-20-cve-2017-5871-odoo-url-redirection-to-distrusted-site-open-redirect/ https://www.odoo.com

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

LOW

Availability Impact

LOW

Base Score

NONE

Base Severity

5.4