Auth bypass in website_mail module

Date reported
Date acknowledged
Date fixed
Vulnerable versions 9.0, 10.0
Fix Commit(s) 6033439, e00370e

The security advisory was disclosed to Odoo partners on 2018-08-07, but is not yet publicly released by Odoo Security Team.