Important
The responsible disclosure policy has been followed when reporting these vulnerabilities. A patch has been made available by the modules' vendors before this repository was made public.
Warning
The information and scripts provided here are intended for research and educational purposes only. Usage of these resources in any way that could compromise the security of a system used in production is strictly prohibited and may lead to legal consequences. The creator of these resources bears no responsibility for any misuse or harm resulting from their utilization.
This repository hosts a collection of Odoo modules identified as vulnerable to attacks that could compromise an Odoo instance. Each of these vulnerabilities has been recognized and assigned a CVE ID by MITRE.
An exploitation script along with a proof-of-concept video are available for each module, demonstrating how the vulnerabilities can be exploited in a practical scenario.