
ODOO-MYSPGZTL - Intigriti



Odoo / Odoo 16.0 / File upload Stored XSS via svg.
Code: ODOO-MYSPGZTL

LAST UPDATED 31/10/2023, 8:29:58 PM
POSSIBLE BOUNTY €300
CREATED 28/10/2023, 12:50:15 PM
BONUS €0
SEVERITY Medium 5.4
TYPE Stored Cross-Site Scripting
STATUS Pending

Messages

anurag666 created the submission
28/10/2023, 12:50:15 PM

m0b changed the severity from High to Medium (5.4)
31/10/2023, 8:28:29 PM

m0b changed the endpoint/vulnerable component
from https://test1015.odoo.com/web/image/website/1/logo/test?unique=26197af
to <SITE_NAME>.odoo.com/web/image/website/1/logo/<SITE_NAME>
31/10/2023, 8:28:40 PM

m0b [ triage ]
31/10/2023, 8:29:58 PM

Hi anurag666,

Thank you for choosing our platform for your bug-bounty adventures!

We had a look at your report and we were able to reproduce your PoC. Therefore, we will forward your report to the company. They will have a look and get back to you as soon as possible.

We really appreciate the time and effort you put into securing this program and we are looking forward to your next submission!

Kind regards,
M0b

m0b changed the status from Triage to Pending
31/10/2023, 8:32:27 PM

© Copyright 2023 by intigriti

Inbox (31 of 31 items shown)

Pending 31/10/2023, 8:29:58 PM
File upload Stored XSS via svg.
Medium ● Odoo 16.0 ODOO-MYSPGZTL

Archived 31/8/2023, 5:30:05 AM
Email verification bypass leads to pre auth full account ta…
Medium ● DataCamp DATACAMP-U8RKUTKG

Archived 12/8/2023, 5:30:03 AM
Remote code execution (0day)(CVE-2023-3519)
Undecided ● Ubisoft VDP UBISOFT-0W8958YD

Archived 10/8/2023, 5:30:02 AM
Reflected xss due to CVE 2023-24488
Medium ● Ubisoft VDP UBISOFT-4DYYG3JC

Archived 26/7/2023, 5:30:06 AM
Reflected xss due to CVE 2023-24488
Medium ● Ubisoft VDP UBISOFT-CA24HBJI

Archived 26/7/2023, 5:30:02 AM
Reflected xss due to CVE 2023-24488
Medium ● Ubisoft VDP UBISOFT-62S0DBWB

Archived 26/7/2023, 5:30:02 AM
Reflected xss due to CVE 2023-24488
Medium ● Ubisoft VDP UBISOFT-9M1TJNQP

Archived 25/7/2023, 5:30:03 AM
Reflected xss due to CVE 2023-24488
Medium ● Ubisoft VDP UBISOFT-1KVPYWA0

Archived 25/7/2023, 5:30:03 AM
Reflected cross site scripting due to CVE -2023-24488
Medium ● Ubisoft VDP UBISOFT-2RXMQJG8

Archived 25/7/2023, 5:30:03 AM
Reflected xss due to CVE 2023-24488
Medium ● Ubisoft VDP UBISOFT-6YZVZVLD

Archived 25/7/2023, 5:30:03 AM
Reflected xss due to CVE 2023-24488
Medium ● Ubisoft VDP UBISOFT-828VFQV5

Archived 25/7/2023, 5:30:03 AM
Reflected XSS Due to CVE-2023-24488
Medium ● Ubisoft VDP UBISOFT-8NT34SA6

Archived 25/7/2023, 5:30:03 AM
Reflected xss due to CVE 2023-24488
Medium ● Ubisoft VDP UBISOFT-BOH1F6JW
