<!DOCTYPE html> <html lang="uk-UA" data-website-id="1" data-main-object="website.page(72,)"> <!-- ___ ___ ___ ___ / _ \| \ / _ \ / _ \ | (_) | |) | (_) | (_) | \___/|___/ \___/ \___/ ___ _ _ _ / __| |_ __ _| | |___ _ _ __ _ ___ | (__| ' \/ _` | | / -_| ' \/ _` / -_) \___|_||_\__,_|_|_\___|_||_\__, \___| |___/ If you're the kind of person who reads source code, you should try our challenge: https://www.odoo.com/jobs/challenge --> <head> <meta charset="utf-8"/> <meta http-equiv="X-UA-Compatible" content="IE=edge"/> <meta name="viewport" content="width=device-width, initial-scale=1"/> <meta name="mobile-web-app-capable" content="yes"/> <meta name="generator" content="Odoo"/> <meta name="google-site-verification" content="pgjyH0qvN69B0m_HrTKV6h8TVnbRXp5etEHo19unPy4"/> <meta name="description" content="We want Odoo to be safe for everyone. If you&#39;ve discovered a security vulnerability, please help us by reporting it in a responsible manner. Please find here our policy and our guidelines for reporting security issues."/> <meta name="keywords" content="openerp s a, security, responsible disclosure, vulnerability, odoo, program, bounty, reward, issue, security bug"/> <meta property="og:type" content="website"/> <meta property="og:title" content="Responsible Disclosure of Odoo Security Vulnerabilities"/> <meta property="og:site_name" content="Odoo"/> <meta property="og:url" content="https://www.odoo.com/uk_UA/security-report"/> <meta property="og:image" content="https://www.odoo.com/web/image/website/1/social_default_image"/> <meta property="og:description" content="We want Odoo to be safe for everyone. If you&#39;ve discovered a security vulnerability, please help us by reporting it in a responsible manner. Please find here our policy and our guidelines for reporting security issues."/> <meta name="twitter:card" content="summary_large_image"/> <meta name="twitter:title" content="Responsible Disclosure of Odoo Security Vulnerabilities"/> <meta name="twitter:image" content="https://www.odoo.com/web/image/website/1/social_default_image"/> <meta name="twitter:site" content="@odoo"/> <meta name="twitter:description" content="We want Odoo to be safe for everyone. If you&#39;ve discovered a security vulnerability, please help us by reporting it in a responsible manner. Please find here our policy and our guidelines for reporting security issues."/> <link rel="alternate" hreflang="ar" href="https://www.odoo.com/ar/security-report"/> <link rel="alternate" hreflang="ca" href="https://www.odoo.com/ca_ES/security-report"/> <link rel="alternate" hreflang="zh" href="https://www.odoo.com/zh_CN/security-report"/> <link rel="alternate" hreflang="zh-tw" href="https://www.odoo.com/zh_TW/security-report"/> <link rel="alternate" hreflang="cs" href="https://www.odoo.com/cs_CZ/security-report"/> <link rel="alternate" hreflang="nl" href="https://www.odoo.com/nl_NL/security-report"/> <link rel="alternate" hreflang="en" href="https://www.odoo.com/security-report"/> <link rel="alternate" hreflang="fi" href="https://www.odoo.com/fi_FI/security-report"/> <link rel="alternate" hreflang="fr" href="https://www.odoo.com/fr_FR/security-report"/> <link rel="alternate" hreflang="de" href="https://www.odoo.com/de_DE/security-report"/> <link rel="alternate" hreflang="id" href="https://www.odoo.com/id_ID/security-report"/> <link rel="alternate" hreflang="it" href="https://www.odoo.com/it_IT/security-report"/> <link rel="alternate" hreflang="ja" href="https://www.odoo.com/ja_JP/security-report"/> <link rel="alternate" hreflang="ko" href="https://www.odoo.com/ko_KR/security-report"/> <link rel="alternate" hreflang="lt" href="https://www.odoo.com/lt_LT/security-report"/> <link rel="alternate" hreflang="pl" href="https://www.odoo.com/pl_PL/security-report"/> <link rel="alternate" hreflang="pt" href="https://www.odoo.com/pt_BR/security-report"/> <link rel="alternate" hreflang="ro" href="https://www.odoo.com/ro_RO/security-report"/> <link rel="alternate" hreflang="ru" href="https://www.odoo.com/ru_RU/security-report"/> <link rel="alternate" hreflang="sk" href="https://www.odoo.com/sk_SK/security-report"/> <link rel="alternate" hreflang="sl" href="https://www.odoo.com/sl_SI/security-report"/> <link rel="alternate" hreflang="es" href="https://www.odoo.com/es/security-report"/> <link rel="alternate" hreflang="es-es" href="https://www.odoo.com/es_ES/security-report"/> <link rel="alternate" hreflang="th" href="https://www.odoo.com/th_TH/security-report"/> <link rel="alternate" hreflang="tr" href="https://www.odoo.com/tr_TR/security-report"/> <link rel="alternate" hreflang="uk" href="https://www.odoo.com/uk_UA/security-report"/> <link rel="alternate" hreflang="vi" href="https://www.odoo.com/vi_VN/security-report"/> <link rel="alternate" hreflang="x-default" href="https://www.odoo.com/security-report"/> <link rel="canonical" href="https://www.odoo.com/uk_UA/security-report"/> <link rel="preconnect" href="https://fonts.gstatic.com/" crossorigin=""/> <title>Responsible Disclosure of Odoo Security Vulnerabilities</title> <link type="image/x-icon" rel="shortcut icon" href="https://odoocdn.com/web/image/website/1/favicon?unique=b432541"/> <link rel="preload" href="https://odoocdn.com/web/static/src/libs/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0" as="font" crossorigin=""/> <link type="text/css" rel="stylesheet" href="https://odoocdn.com/web/assets/1/45bc567/web.assets_frontend.min.css"/> <script id="web.layout.odooscript" type="text/javascript"> var odoo = { csrf_token: "f6dd48b42885d81d6be29ad1783f08c4389aa221o1774700751", debug: "", }; </script> <script type="text/javascript"> odoo.__session_info__ = {"is_admin": false, "is_system": false, "is_public": true, "is_internal_user": false, "is_website_user": true, "uid": null, "is_frontend": true, "profile_session": null, "profile_collectors": null, "profile_params": null, "show_effect": true, "currencies": {"137": {"symbol": "AED", "position": "after", "digits": [69, 2]}, "19": {"symbol": "ARS", "position": "after", "digits": [69, 2]}, "21": {"symbol": "AUD", "position": "after", "digits": [69, 2]}, "59": {"symbol": "\u09f3", "position": "after", "digits": [69, 2]}, "27": {"symbol": "\u043b\u0432", "position": "after", "digits": [69, 2]}, "6": {"symbol": "R$", "position": "before", "digits": [69, 2]}, "4": {"symbol": "CAD", "position": "after", "digits": [69, 2]}, "5": {"symbol": "CHF", "position": "after", "digits": [69, 2]}, "7": {"symbol": "CNY", "position": "after", "digits": [69, 2]}, "194": {"symbol": "K\u010d", "position": "after", "digits": [69, 2]}, "10": {"symbol": "kr", "position": "after", "digits": [69, 2]}, "80": {"symbol": "E\u00a3", "position": "after", "digits": [69, 2]}, "1": {"symbol": "\u20ac", "position": "after", "digits": [69, 2]}, "18": {"symbol": "GBP", "position": "after", "digits": [69, 2]}, "25": {"symbol": "HK$", "position": "after", "digits": [69, 2]}, "193": {"symbol": "Rp", "position": "before", "digits": [69, 2]}, "20": {"symbol": "Rs", "position": "after", "digits": [69, 2]}, "26": {"symbol": "\u00a5", "position": "after", "digits": [69, 2]}, "100": {"symbol": "KSh", "position": "after", "digits": [69, 2]}, "34": {"symbol": "\u20a9", "position": "after", "digits": [69, 2]}, "116": {"symbol": " \u062f.\u0645", "position": "after", "digits": [69, 2]}, "115": {"symbol": "\u20ae", "position": "after", "digits": [69, 2]}, "44": {"symbol": "Rs", "position": "after", "digits": [69, 2]}, "35": {"symbol": "Mex$", "position": "before", "digits": [69, 2]}, "36": {"symbol": "RM", "position": "after", "digits": [69, 2]}, "183": {"symbol": "kr", "position": "before", "digits": [69, 2]}, "37": {"symbol": "$", "position": "after", "digits": [69, 2]}, "38": {"symbol": "Php", "position": "after", "digits": [69, 2]}, "171": {"symbol": "Rs.", "position": "after", "digits": [69, 2]}, "16": {"symbol": "z\u0142", "position": "after", "digits": [69, 2]}, "166": {"symbol": "QR", "position": "after", "digits": [69, 2]}, "30": {"symbol": "kr", "position": "after", "digits": [69, 2]}, "158": {"symbol": "SR", "position": "after", "digits": [69, 2]}, "178": {"symbol": "kr", "position": "after", "digits": [69, 2]}, "39": {"symbol": "$", "position": "after", "digits": [69, 2]}, "40": {"symbol": "\u0e3f", "position": "after", "digits": [69, 2]}, "141": {"symbol": "DT", "position": "after", "digits": [69, 2]}, "146": {"symbol": "NT$", "position": "after", "digits": [69, 2]}, "2": {"symbol": "US$", "position": "before", "digits": [69, 2]}, "24": {"symbol": "\u20ab", "position": "after", "digits": [69, 2]}, "41": {"symbol": "R", "position": "after", "digits": [69, 2]}}, "bundle_params": {"lang": "en_US", "website_id": 1}, "test_mode": false, "websocket_worker_version": "18.0-3", "translationURL": "/website/translations", "cache_hashes": {"translations": "aa99db0f8591f8bb3b40484d24d34d5172a212b6"}, "geoip_country_code": "SG", "geoip_phone_code": 65, "lang_url_code": "uk_UA", "turnstile_site_key": "0x4AAAAAAADwqVOUIWCeR_H8", "add_to_cart_action": "stay"}; if (!/(^|;\s)tz=/.test(document.cookie)) { const userTZ = Intl.DateTimeFormat().resolvedOptions().timeZone; document.cookie = `tz=${userTZ}; path=/`; } </script> <script type="text/javascript" defer="defer" src="https://odoocdn.com/web/assets/1/232a60b/web.assets_frontend_minimal.min.js" onerror="__odooAssetError=1"></script> <script type="text/javascript" defer="defer" data-src="https://odoocdn.com/web/assets/1/4aa886d/web.assets_frontend_lazy.min.js" onerror="__odooAssetError=1"></script> <script type="application/ld+json"> { "@context": "http://schema.org", "@type": "Organization", "name": "Odoo S.A.", "logo": "https://www.odoo.com/logo.png?company=1", "url": "https://www.odoo.com" } </script> <script> if (!window.odoo) { window.odoo = {}; } odoo.__session_info__ = odoo.__session_info__ || { websocket_worker_version: "18.0-3" } odoo.__session_info__ = Object.assign(odoo.__session_info__, { livechatData: { isAvailable: true, serverUrl: "https://www.odoo.com", options: {"header_background_color": "#714b67", "button_background_color": "#714b67", "title_color": "#FFFFFF", "button_text_color": "#FFFFFF", "button_text": "Chat with a human!", "input_placeholder": false, "default_message": "Welcome to Odoo. How can I help you today?", "channel_name": "Odoo Website ALL", "channel_id": 19, "default_username": "\u0412\u0456\u0434\u0432\u0456\u0434\u0443\u0432\u0430\u0447"}, }, test_mode: false, }); </script> <script> window.dataLayer = window.dataLayer || []; function gtag(){dataLayer.push(arguments);} </script> <noscript> <style> /* Prevent animated elements hiding */ .o_animate_in_children > * { opacity: 1!important; -webkit-transform: scale(1)!important; -ms-transform: scale(1)!important; transform: scale(1)!important; } </style> </noscript> </head> <body> <div id="wrapwrap" class=" o_security_report "> <a class="o_skip_to_content btn btn-primary rounded-0 visually-hidden-focusable position-absolute start-0" href="#wrap">Skip to Content</a> <header id="top" data-anchor="true" data-name="Header" data-extra-items-toggle-aria-label="Додаткова кнопка елементів" class=" o_no_autohide_menu o_affix_enabled o_header_fixed o_header_fade_out o_main_header o_not_editable" style=" "> <div class="o_main_header_main top_menu" id="top_menu"> <a class="float-start o_logo" href="/uk_UA"><span class="visually-hidden sr-only">Odoo</span></a> <a href="#" role="button" class="o_mobile_menu_toggle d-inline-block d-lg-none"> <i class="fa fa-bars" focusable="false"></i><span class="visually-hidden sr-only">Меню</span> </a> <ul class="o_header_buttons list-unstyled"> <li class="nav-item d-lg-none me-auto"> <a class="nav-link text-whatsapp ps-0 py-2" href="https://wa.me/85264491993"> <i class="fa fa-whatsapp fs-4 align-middle mt-n1 me-2"></i><small>WhatsApp</small> </a> </li> <li class="o_wsale_my_cart nav-item me-lg-0 d-none"> <a href="/uk_UA/shop/cart" class="nav-link px-1" aria-label="Shopping Cart"> <i class="fa fa-shopping-cart"></i><sup class="my_cart_quantity rounded-pill bg-o-color-1 ms-1 py-1 px-2"></sup> </a> </li> <li class="nav-item o_no_autohide_item"> <a href="/web/login" class="nav-link">Увійти</a> </li> <li class="nav-item o_no_autohide_item"><a class="btn btn-primary btn-sm text-nowrap trial_link" href="/uk_UA/trial">Спробуйте це безкоштовно</a> </li> </ul> <ul class="o_primary_nav"> <li class="dropdown"> <a href="#" aria-label="Модулі: використовуйте спадне меню для перемикання модулів" data-bs-toggle="dropdown" data-bs-display="static" aria-expanded="false" class="dropdown-toggle">Додатки</a> <div class="start-0 dropdown-menu o_secondary_nav" data-bs-parent="o_primary_nav"> <div class="container"> <div class="row"> <div class="col-lg-3 o_finance_apps "> <div class="o_nav_app_family">Фінанси</div> <ul> <li><a class="dropdown-item" href="/uk_UA/app/accounting">Бухоблік</a></li> <li><a class="dropdown-item" href="/uk_UA/app/invoicing">Виставлення рахунку</a></li> <li><a class="dropdown-item" href="/uk_UA/app/expenses">Витрати</a></li> <li><a class="dropdown-item" href="/uk_UA/app/spreadsheet">Електронні таблиці (BI)</a></li> <li><a class="dropdown-item" href="/uk_UA/app/documents">Документи</a></li> <li><a class="dropdown-item" href="/uk_UA/app/sign">Підпис</a></li> </ul> </div> <div class="col-lg-3 o_sale_apps "> <div class="o_nav_app_family">Продажі</div> <ul> <li><a class="dropdown-item" href="/uk_UA/app/crm">CRM</a></li> <li><a class="dropdown-item" href="/uk_UA/app/sales">Продажі</a></li> <li><a class="dropdown-item" href="/uk_UA/app/point-of-sale-shop">POS Магазин</a></li> <li><a class="dropdown-item" href="/uk_UA/app/point-of-sale-restaurant">POS Ресторан</a></li> <li><a class="dropdown-item" href="/uk_UA/app/subscriptions">Підписки</a></li> <li><a class="dropdown-item" href="/uk_UA/app/rental">Оренда</a></li> </ul> </div> <div class="col-lg-3 o_website_apps "> <div class="o_nav_app_family">Веб-сайти</div> <ul> <li><a class="dropdown-item" href="/uk_UA/app/website">Конструктор веб-сайту</a></li> <li><a class="dropdown-item" href="/uk_UA/app/ecommerce">Електронна комерція</a></li> <li><a class="dropdown-item" href="/uk_UA/app/blog">Блог</a></li> <li><a class="dropdown-item" href="/uk_UA/app/forum">Форум</a></li> <li><a class="dropdown-item" href="/uk_UA/app/live-chat">Живий чат</a></li> <li><a class="dropdown-item" href="/uk_UA/app/elearning">Електронне навчання</a></li> </ul> </div> <div class="col-lg-3 o_inventory_apps "> <div class="o_nav_app_family">Ланцюг поставок</div> <ul> <li><a class="dropdown-item" href="/uk_UA/app/inventory">Склад</a></li> <li><a class="dropdown-item" href="/uk_UA/app/manufacturing">Виробництво</a></li> <li><a class="dropdown-item" href="/uk_UA/app/plm">PLM</a></li> <li><a class="dropdown-item" href="/uk_UA/app/purchase">Купівлі</a></li> <li><a class="dropdown-item" href="/uk_UA/app/maintenance">Технічне обслуговування</a></li> <li><a class="dropdown-item" href="/uk_UA/app/quality">Якість</a></li> </ul> </div> </div> <div class="row"> <div class="col-lg-3 o_hr_apps "> <div class="o_nav_app_family">Кадри</div> <ul> <li><a class="dropdown-item" href="/uk_UA/app/employees">Співробітники</a></li> <li><a class="dropdown-item" href="/uk_UA/app/recruitment">Рекрутинг</a></li> <li><a class="dropdown-item" href="/uk_UA/app/time-off">Відпустки</a></li> <li><a class="dropdown-item" href="/uk_UA/app/appraisals">Оцінювання</a></li> <li><a class="dropdown-item" href="/uk_UA/app/referrals">Рекомендації</a></li> <li><a class="dropdown-item" href="/uk_UA/app/fleet">Автотранспорт</a></li> </ul> </div> <div class="col-lg-3 o_marketing_apps "> <div class="o_nav_app_family">Маркетинг</div> <ul> <li><a class="dropdown-item" href="/uk_UA/app/social-marketing">Маркетинг соцмереж</a></li> <li><a class="dropdown-item" href="/uk_UA/app/email-marketing">Email-маркетинг</a></li> <li><a class="dropdown-item" href="/uk_UA/app/sms-marketing">SMS-маркетинг</a></li> <li><a class="dropdown-item" href="/uk_UA/app/events">Події</a></li> <li><a class="dropdown-item" href="/uk_UA/app/marketing-automation">Автом. маркетингу</a></li> <li><a class="dropdown-item" href="/uk_UA/app/surveys">Опитування</a></li> </ul> </div> <div class="col-lg-3 o_services_apps "> <div class="o_nav_app_family">Послуги</div> <ul> <li><a class="dropdown-item" href="/uk_UA/app/project">Проект</a></li> <li><a class="dropdown-item" href="/uk_UA/app/timesheet">Табелі</a></li> <li><a class="dropdown-item" href="/uk_UA/app/field-service">Виїзне обслуговування</a></li> <li><a class="dropdown-item" href="/uk_UA/app/helpdesk">Служба підтримки</a></li> <li><a class="dropdown-item" href="/uk_UA/app/planning">Планування</a></li> <li><a class="dropdown-item" href="/uk_UA/app/appointments">Призначення</a></li> </ul> </div> <div class="col-lg-3 o_productivity_apps "> <div class="o_nav_app_family">Продуктивність</div> <ul> <li><a class="dropdown-item" href="/uk_UA/app/discuss">Обговорення</a></li> <li><a class="dropdown-item" href="/uk_UA/app/approvals">Схвалення</a></li> <li><a class="dropdown-item" href="/uk_UA/app/iot">IoT</a></li> <li><a class="dropdown-item" href="/uk_UA/app/voip">IP-телефонія</a></li> <li><a class="dropdown-item" href="/uk_UA/app/knowledge">База знань</a></li> <li><a class="dropdown-item" href="/uk_UA/app/whatsapp">WhatsApp</a></li> </ul> </div> </div> </div> <span class="o_store_link d-md-flex justify-content-md-center"> <a class="mx-md-3 px-3 dropdown-item" href="https://apps.odoo.com/apps/modules"><i class="fa fa-cube fa-fw me-2"></i>Сторонні модулі</a> <a class="mx-md-3 px-3 dropdown-item" href="/uk_UA/app/studio"><i class="fa fa-pencil fa-fw me-2"></i>Odoo Studio</a> <a href="https://www.odoo.sh" class="mx-md-3 px-3"><i class="fa fa-cloud fa-fw me-2"></i>Платформа Odoo Cloud</a> </span> </div> </li> <li class="dropdown"> <a href="#" aria-label="Галузі: використовуйте випадаюче меню, щоб знайти посилання на сторінки, пов&#39;язані з галузями" data-bs-toggle="dropdown" data-bs-display="static" aria-expanded="false" class="dropdown-toggle">Сфери</a> <div class="start-0 dropdown-menu o_secondary_nav" data-bs-parent="o_primary_nav"> <div class="container"> <div class="row"> <div class="col-lg-6 p-0 m-0 row"> <div class="col-lg-6 pt-lg-4 pb-lg-3 px-0 px-lg-5 o_retail_industries "> <div class="o_nav_ind_family">Роздрібна торгівля</div> <ul> <li><a class="dropdown-item" href="/uk_UA/industries/agriculture-store">Сільськогосподарський магазин</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/bakery">Булочниця</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/book-store">Книжковий магазин</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/clothing-store">Магазин одягу</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/furniture-store">Магазин меблів</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/grocery-store">Продуктовий магазин</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/hardware-store">Магазин будівельних матеріалів</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/toy-store">Магазин іграшок</a></li> </ul> </div> <div class="col-lg-6 pt-lg-4 pb-lg-3 px-0 px-lg-5 o_services_industries "> <div class="o_nav_ind_family">Послуги</div> <ul> <li><a class="dropdown-item" href="/uk_UA/industries/bike-leasing">Лізинг велосипедів</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/billboard-rental">Оренда білбордів</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/hair-salon">Салон краси</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/handyman">Ремонтник</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/law-firm">Юридична фірма</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/odoo-partner">Партнер Odoo</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/property-owner-association">Асоціація власників нерухомості</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/real-estate">Нерухомість</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/talent-acquisition">Придбання Талантів</a></li> </ul> </div> </div> <div class="col-lg-6 p-0 m-0 row"> <div class="col-lg-6 pt-lg-4 pb-lg-3 px-0 px-lg-5 o_construction_industries "> <div class="o_nav_ind_family">Будівництво</div> <ul> <li><a class="dropdown-item" href="/uk_UA/industries/architecture-firm">Архітектурна фірма</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/construction">Будівництво</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/gardening">Садівництво</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/solar-energy">Сонячна Енергія</a></li> </ul> </div> <div class="col-lg-6 pt-lg-4 pb-lg-3 px-0 px-lg-5 o_supply_chain_industries "> <div class="o_nav_ind_family">Ланцюг поставок</div> <ul> <li><a class="dropdown-item" href="/uk_UA/industries/beverage-distributor">Дистриб'ютор напоїв</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/corporate-gifts">Корпоративні подарунки</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/custom-furniture-production">Продукція на замовлення меблів</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/micro-brewery">Мікропивоварня</a></li> </ul> </div> <div class="col-lg-6 pt-lg-4 pb-lg-3 px-0 px-lg-5 o_health_industries "> <div class="o_nav_ind_family">Здоров'я & Фітнес</div> <ul> <li><a class="dropdown-item" href="/uk_UA/industries/eyewear-store">Оптика</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/fitness-center">Фітнес-центр</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/sports-club">Спортивний клуб</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/wellness-practitioners">Практики здоров'я</a></li> </ul> </div> <div class="col-lg-6 pt-lg-4 pb-lg-3 px-0 px-lg-5 o_hospitality_industries "> <div class="o_nav_ind_family">Гостинність</div> <ul> <li><a class="dropdown-item" href="/uk_UA/industries/bar-pub">Bar та Pub</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/fast-food">Фастфуд</a></li> <li><a class="dropdown-item" href="/uk_UA/industries/fine-dining-restaurant">Ресторан вишуканої кухні</a></li> </ul> </div> </div> </div> <div class="row"> <div class="col-lg-6 x_wd d-none d-lg-flex align-self-center mx-auto justify-content-start"> <div class="display-6 text-primary">...та багато іншого!</div> <img src="https://odoocdn.com/openerp_website/static/src/img/arrows/grey_arrow_sm_02.svg" height="40px" class="ms-4 mt-2 mb-n2 flip rotate-280" alt="" loading="lazy"/> </div> </div> </div> <span class="o_store_link d-md-flex justify-content-md-center"> <a class="mx-md-3 px-3 dropdown-item" href="/uk_UA/trial?industry"><i class="fa fa-cube fa-fw me-2"></i>Переглянути всі галузі</a> </span> </div> </li> <li class="dropdown"> <a href="#" aria-label="Спільнота: використовуйте спадне меню, щоби знайти посилання на сторінку спільноти" data-bs-toggle="dropdown" data-bs-display="static" aria-expanded="false" class="dropdown-toggle">Спільнота</a> <div class="start-0 dropdown-menu o_secondary_nav pb-0" data-bs-parent="o_primary_nav"> <div class="container"> <div class="row"> <div class="col-lg-3 o_learn_com"> <div class="o_nav_com_family">Навчання</div> <ul> <li><a class="dropdown-item" href="/uk_UA/slides/all/tag/odoo-tutorials-9">Навчальний посібник</a></li> <li><a class="dropdown-item" href="/uk_UA/page/docs">Документація</a></li> <li><a class="dropdown-item" href="/uk_UA/slides/all?slide_category=certification">Сертифікації</a></li> <li><a class="dropdown-item" href="/uk_UA/training-events">Тренування</a></li> <li><a class="dropdown-item" href="https://www.odoo.fm" target="_blank">Подкаст</a></li> </ul> <div class="o_nav_com_family mt-lg-5">Сприяйте Освіті</div> <ul> <li><a class="dropdown-item" href="/uk_UA/education/program">Програма навчання</a></li> <li><a class="dropdown-item" href="/uk_UA/education/scale-up-business-game">Бізнес гра Scale Up!</a></li> <li><a class="dropdown-item" href="/uk_UA/education/visit-odoo">Відвідайте Odoo</a></li> </ul> </div> <div class="col-lg-3 o_software_com"> <div class="o_nav_com_family">Отримайте програмне забезпечення</div> <ul> <li><a class="dropdown-item" href="/uk_UA/page/download">Завантаження</a></li> <li><a class="dropdown-item" href="/uk_UA/page/editions">Порівняйте версії</a></li> <li><a class="dropdown-item" href="/uk_UA/page/release-notes">Релізи</a></li> </ul> </div> <div class="col-lg-3 o_collab_com"> <div class="o_nav_com_family">Співпрацюйте</div> <ul> <li><a class="dropdown-item" href="https://github.com/odoo">Github</a></li> <li><a class="dropdown-item" href="/uk_UA/forum/help-1">Форум</a></li> <li><a class="dropdown-item" href="/uk_UA/events">Події</a></li> <li><a class="dropdown-item" href="https://github.com/odoo/odoo/wiki/Translations">Переклади</a></li> </ul> <ul class="pt-lg-3"> <li><a class="dropdown-item" href="/uk_UA/become-a-partner">Стати партнером</a></li> <li><a class="dropdown-item" href="/uk_UA/accounting-firms/register">Зареєструйте вашу бухгалтерську фірму</a></li> </ul> </div> <div class="col-lg-3 o_services_com"> <div class="o_nav_com_family">Отримайте послуги</div> <ul> <li><a class="dropdown-item" href="/uk_UA/partners">Знайдіть партнера</a></li> <li><a class="dropdown-item" href="/uk_UA/accounting-firms">Знайдіть бухгалтера</a></li> </ul> <ul class="pt-lg-3"> <li><div class="o_schedule_demo "> <a target="_blank" href="/uk_UA/appointment?filter_appointment_type_ids=%255B5542,%2B5543,%2B4497%255D" class="dropdown-item text-start"> Зустріньтеся з консультантом </a> </div> </li> <li><a class="dropdown-item" href="/uk_UA/blog/customer-reviews-6">Референси клієнтів</a></li> </ul> <ul class="pt-lg-3"> <li><a class="dropdown-item" href="/uk_UA/pricing-packs">Послуги з впровадження</a></li> <li><a class="dropdown-item" href="/uk_UA/page/developers-on-demand">Послуги з розробки</a></li> <li><a class="dropdown-item" href="/uk_UA/help">Підтримка</a></li> <li><a class="dropdown-item" href="//upgrade.odoo.com">Оновлення</a></li> </ul> </div> </div> </div> <span class="o_header_social"> <div class="social_icons"> <a target="_blank" href="https://github.com/odoo/odoo" class="d-inline dropdown-item"><i class="fa fa-fw fa-github" focusable="false"></i><span class="visually-hidden sr-only">Github</span></a> <a target="_blank" href="https://www.youtube.com/channel/UCkQPikELWZFLgQNHd73jkdg" class="d-inline dropdown-item"><i class="fa fa-fw fa-youtube-play" focusable="false"></i><span class="visually-hidden sr-only">Youtube</span></a> <a target="_blank" href="https://twitter.com/Odoo" class="d-inline dropdown-item"><i class="fa fa-fw fa-twitter" focusable="false"></i><span class="visually-hidden sr-only">Twitter</span></a> <a target="_blank" href="https://www.linkedin.com/company/odoo" class="d-inline dropdown-item"><i class="fa fa-fw fa-linkedin" focusable="false"></i><span class="visually-hidden sr-only">Linkedin</span></a> <a target="_blank" href="https://www.instagram.com/odoo.official" class="d-inline dropdown-item"><i class="fa fa-fw fa-instagram" focusable="false"></i><span class="visually-hidden sr-only">Instagram</span></a> <a target="_blank" href="https://www.facebook.com/odoo" class="d-inline dropdown-item"><i class="fa fa-fw fa-facebook" focusable="false"></i><span class="visually-hidden sr-only">Facebook</span></a> <a target="_blank" href="https://www.tiktok.com/@odoo" class="d-inline dropdown-item"> <svg xmlns="http://www.w3.org/2000/svg" style="width: 15px; margin-top: -3px;" class="custom-tiktok" viewBox="0 0 2859 3333" shape-rendering="geometricPrecision" text-rendering="geometricPrecision" image-rendering="optimizeQuality" fill-rule="evenodd" clip-rule="evenodd" fill="currentColor"><path d="M2081 0c55 473 319 755 778 785v532c-266 26-499-61-770-225v995c0 1264-1378 1659-1932 753-356-583-138-1606 1004-1647v561c-87 14-180 36-265 65-254 86-398 247-358 531 77 544 1075 705 992-358V1h551z"></path></svg> </a> <a target="_blank" href="//podcast.odoo.com" class="d-inline dropdown-item"><i class="fa fa-fw fa-spotify" focusable="false"></i><span class="visually-hidden sr-only">Spotify</span></a> </div> <div> <a class="d-inline dropdown-item" href="tel:+3222903490"><i class="fa fa-phone text-muted me-1"></i>+32 2 290 34 90</a> <a target="_blank" class="d-inline dropdown-item" href="https://wa.me/85264491993"><i class="fa fa-whatsapp me-1"></i> WhatsApp з нами</a><div class="o_schedule_demo w-auto"> <a target="_blank" href="/uk_UA/appointment?filter_appointment_type_ids=%255B5542,%2B5543,%2B4497%255D" class="dropdown-item d-inline text-start"> <i class="fa fa-calendar text-muted"></i> Отримати демо </a> </div> </div> </span> </div> </li> <li><a href="/uk_UA/pricing">Ціни</a></li> <li><a href="/uk_UA/help">Допомога</a></li> </ul> </div> </header> <main> <style> .text-expert { color: #ff0800; } .text-analyst2 { color: #e85d0c; } .text-analyst { color: #ffb826; } .text-enthusiast { color: #5f0dff; } </style> <div id="wrap" class="oe_structure oe_empty"> <section class="o_colored_level" style="background-image: none;"> <div class="container"> <div class="row"> <div class="col-lg-9 col-md-12 mt16 mb32 o_colored_level"> <h1 class="mb0 mt24">Responsible Disclosure Policy</h1><h4>For Odoo Security Vulnerabilities</h4><div> <p style="text-align: justify; ">The safety of Odoo systems is very important to us (not only because we use Odoo internally), and we consider security problems with the highest priority. <span style="line-height: 1.42857;">We do our best every day to protect Odoo users from known security threats, and we welcome all reports of security vulnerabilities discovered by our users and contributors. </span></p> <p> <span style="line-height: 1.42857;">We are committed to handle vulnerability reports with the greatest attention, provided that the following rules are respected. </span> </p> <h3 id="report"> <span style="line-height: 1.1;">Reporting an issue</span> </h3> </div> <div class="row mt8 mb8"> <div class="col-lg-9">Please share privately the details of your security vulnerability by emailing our Security Team at &nbsp; <i class="fa fa-envelope-o"></i> <img alt="Security at odoo top-level-domain" src="//odoocdn.com/web/image/2032810" loading="lazy"/>. Make sure to include as much information as possible, including the detailed steps to reproduce the problem, the versions that are affected, the expected results and actual results, and any other information that might help us react faster and more efficiently. <span style="background: #ffff0073">We tend to prefer <i>text-based bug descriptions accompanied with a proof-of-concept script/exploit</i>, rather than long videos.</span> </div> <div class="col-lg-3 mb32 small o_colored_level" style="border: 2px dashed #ccc;"> <div> <i class="fa fa-key text-info"></i> <strong>Our GPG Key</strong> </div> <div style="line-height: 150%;"> <tt style="font-weight: 600; font-size: 88%;">4096R/8E877D2F</tt><br/> Fingerprint: <tt style="font-size: 75%;line-height: 80%;">9083 DE46 54A7 8DE3 CFAD D880 0B9E A35A 8E87 7D2F</tt><br/> Download: <a href="https://keys.openpgp.org/vks/v1/by-fingerprint/9083DE4654A78DE3CFADD8800B9EA35A8E877D2F" rel="nofollow">keys.openpgp.org</a> <br/> Download: <a href="https://download.odoo.com/files/odoo_security.asc" rel="nofollow">(mirror)</a> </div> <p></p> </div> <div class="col-lg-9 text-danger border-start ms-3"> <i class="fa fa-warning"></i> Reporting vulnerabilities via third-party websites is not acceptable, as it breaches the terms of our policy. If you are looking for a third-party reward, we may forward the list of CVE IDs assigned to you, so they can verify your rewards - but the issues have to be reported to us directly. </div> </div> <p class="-alert -alert-warning"><b>Please note:</b> we receive a majority of security reports that have little to no impact on the security of Odoo or Odoo Online, and we ultimately have to reject them. To avoid a disappointing experience when contacting us, please try to put together a <b>proof-of-concept attack</b> and take a critical look at <b>what's really at risk</b>. If the proposed attack scenario turns out <b>unrealistic</b>, your report will probably be rejected. Also be sure to review our list of <a href="#what" style="color: #FF8C00; text-decoration: underline">non-qualifying issues</a> below. </p> <p> You may send this report from an anonymous email account, although we promise not to disclose your identity if you do not want us to. </p> <p> You can also encrypt and verify messages to/from our security team with the GPG key linked above. </p> <h3>Incident Response Procedure </h3> <ol> <li style="text-align: justify;">You privately share the details of the security vulnerability with our Security Team by reporting an issue (see above) </li> <li style="text-align: justify;">We acknowledge your submission and verify the vulnerability. Our first answer generally comes under 48h.</li> <li style="text-align: justify;">If the vulnerability is valid and in scope, we request a CVE ID and give it to you as soon as it is assigned.</li> <li style="text-align: justify;">We work on a correction in collaboration with you.</li> <li style="text-align: justify;">We write a detailed Security Advisory describing the issue, its impacts, possible workarounds and solution, and we ask you to review it </li> <li style="text-align: justify;">We privately broadcast the Security Advisory and the correction to stakeholders and customers with an Odoo Enterprise Contract </li> <li style="text-align: justify;">We give stakeholders and customers a reasonable delay to apply the correction, before disclosing it publicly (e.g. 2-3 weeks) </li> <li style="text-align: justify;">We disclose and broadcast the Security Advisory and the correction on <a style="text-decoration: underline" href="/uk_UA/r/security-issues" target="_blank">our public channels</a>. </li> </ol> <div> <h3> <span id="rules">Rules </span> </h3> <p> We ask you to observe the following rules at all times: </p> <ul> <li style="text-align: justify;">Exclusively test vulnerabilities on your own deployments, on demo.odoo.com, or on your own databases on Odoo Cloud (SaaS/SH)</li> <li style="text-align: justify;">Never attempt to access or modify data that does not belong to you </li> <li style="text-align: justify;">Never attempt to execute denial of service attacks, or to compromise the reliability and integrity of services that do not belong to you </li> <li style="text-align: justify;">Do not use scanners or automated tools to find vulnerabilities, as their effects could violate the previous rules (unless you can guarantee that they will be throttled to less than <b>5</b> requests/second, ideally <b>1</b> r/s, and will not break any other rules) </li> <li style="text-align: justify;">Never attempt non-technical attacks such as social engineering, phishing, or physical attacks against anyone or any system without our prior consent </li> <li style="text-align: justify;">Do not publicly disclose vulnerabilities without our prior consent (see also the <b>Disclosure Procedure</b> above). During the non-disclosure period you are authorized to use/test any correction we've provided, as long as no emphasis is put on that correction and it is not published in the form of a security report (i.e. using it on production servers is fine). </li> </ul> <p>In return: </p> <ul> <li>We will not initiate legal action against you if you followed the rules </li> <li>We will process your report and respond as quickly as possible </li> <li>We will provide a fix as soon as possible </li> <li>We will work diligently with stakeholders and customers in order to help them restore the safety of their systems </li> <li>We will not publicly disclose your identity if you do not want to be credited for your discovery</li> </ul> <p> <br/> </p> </div> <h3 id="what">What to report?</h3> <div id="qualifying" style="position: relative;" class="card card-success"> <span class="fa fa-check fa-4x text-success" style=" opacity: 0.5; position: absolute; right: 0.6em; top: 0.2em;"></span> <div class="card card-header"> <h4 style="color: #3c763d;">Qualifying vulnerabilities - DO REPORT!</h4> </div> <div class="card card-body text-justify" style="padding-top: 0px;"> <ul> <li>SQL injection vectors in public API methods</li> <li>XSS vulnerabilities working in supported browsers</li> <li>Broken authentication or session management, allowing unauthorized access</li> <li>Broken sandboxing of customizations, allowing arbitrary code execution or access to system resources</li> </ul> </div> </div> <div id="nonqualifying" style="position: relative;" class="card card-danger"> <span class="fa fa-times fa-4x text-danger" style="opacity: 0.5; position: absolute; right: .6em; top: 0.2em;"></span> <div class="card card-header"> <h4 style="color: #a94442;">NON Qualifying vulnerabilities - DO NOT REPORT!</h4> </div> <div class="card card-body text-justify" style="padding-top: 0px;"> <ul> <li>XSS vulnerabilities working only in unsupported/deprecated browsers, or requiring relaxed security settings</li> <li>Self-XSS attacks requiring the user to actively copy/paste malicious code into their own browser window<br/></li> <li>"XSS attacks" by admins, e.g. via file uploads (SVG, HTML, JS, ...) or script injection. Administrators are webmasters, security restrictions don't apply to them, this is a feature.</li> <li>Rate-limiting / Brute-forcing / Scripting of components working as designed (e.g. password authentication, password reset, etc.) </li> <li>User enumeration (ability to verify that a username exists). Does not carry much risk, and can't be prevented without deteriorating the user experience.</li> <li>File path disclosures, which do not carry significant risk and do not enable attacks that would be otherwise impossible</li> <li>Clickjacking or phishing attacks using social engineering tricks to abuse users, with the system working as intended</li> <li>Tabnapping or other phishing attacks conducted by navigating other browser tabs</li> <li>Logout CSRF (no plausible attack unless combined with Login CSRF + not preventable e.g. via cookie tossing or cookie jar overflow)</li> <li><b><u><font class="text-info">Open redirectors</font></u></b>, which are simply one vector for phishing among many others (<a href="/uk_UA/page/security-nonvuln-redirectors"><span class="fa fa-info-circle"></span> see our detailed explanation</a>)</li> <li>Reflected File Downloads, another attack technique that requires social engineering and is not very practical</li> <li>Referer leak (including sensitive tokens) via social media links or ads/analytics requests - very unlikely to be clicked, or to be exploited within validity period by those mainstream companies!&nbsp;</li> <li><u>More generally</u>, attacks relying on physical or social engineering techniques will usually be rejected </li> <li>Non-permanent Denial of Service (DoS) and distributed DoS (DDoS) that maintain resource exhaustion (cpu/network/memory/...) via a sustained stream of requests/packets</li> <li>Password policies (length, format, character classes, etc.)</li> <li>Missing or partial verification of email addresses, or ways to circumvent it<br/></li> <li>Disclosure of public information or information that does not carry significant risks (directory listing on our downloads archive is a required feature! ;-))</li> <li>Spam-fighting policies and systems such as DKIM, SPF or DMARC</li> <li> Absence of HTTP Strict Transport Security (HSTS) headers, HSTS preloading, and HSTS policies&nbsp; </li> <li> Weak ciphers or SSL deployments details. Our benchmark is an <b>A</b> grade on <a href="https://www.ssllabs.com/ssltest/analyze.html" rel="nofollow">SSLLab's test</a> yet a maximal compatibility with user browsers. We are currently phasing out TLS 1.0 on www.odoo.com, already done for our customer hosting services </li> <li>SSRF attacks, unless they allow access to special protocol handlers (e.g. <tt>file://</tt>), or can be used in a working scenario to bypass access control on the Odoo Cloud Hosting (cfr <a href="https://www.odoo.com/documentation/13.0/setup/deploy.html#security">deployment documentation</a>) </li> <li>Issues in default configuration of access control rules (e.g. ACLs and record rules) - please open regular bug reports instead</li> <li>Attack scenarios that include a prior takeover of the user account or an email account of the user - please open regular bug reports instead</li> </ul> <p>If you have any doubt, <u>please ask us first</u>! </p> </div> </div> <h3> <span id="reward">Reward</span> </h3> <p>If you report a <i>new</i> security issue that is confirmed to be critical (see the <b>DO REPORT</b> section), we will publicly thank you by adding your name to the Odoo Security Hall of Fame, on the right of this page.<br/><span style="color: rgb(102, 108, 117); font-family: &#34;Open Sans&#34;, -apple-system, BlinkMacSystemFont, &#34;Segoe UI&#34;, Roboto, Oxygen, Ubuntu, Cantarell, &#34;Fira Sans&#34;, &#34;Droid Sans&#34;, &#34;Helvetica Neue&#34;, Arial, sans-serif; font-size: 14px; letter-spacing: normal;">&nbsp;</span><br/></p> </div> <div class="col-lg-3 col-md-12 small o_colored_level"> <div class="card card-info"> <div class="card card-header"> <h1 style="text-align: center;" id="hof"> <span class="display-3-fs"><font style="background-color: rgb(255, 231, 156);">Thank YOU!</font></span> </h1> </div> <div class="card card-body pt0"><p style="text-align: justify; "> We are extremely grateful to the following security researchers who have worked with us to further improve the security of Odoo and the Odoo Cloud platforms!</p> <table class="table"> <thead> <tr><th>Researcher</th><th style="width: 9em;">Year</th></tr> </thead> <tbody> <tr><td class="text-nowrap">Nils Hamerlinck <i class="fa fa-shield text-expert" title="Security Expert"></i> <br/> <a href="https://trobz.com/" rel="noopener nofollow">(Trobz)</a> </td><td>2021, 2020, 2019, 2018, 2017, 2016<br/></td></tr> <tr><td class="text-nowrap"><a href="https://twitter.com/colinnewell" rel="nofollow">Colin Newell</a>&nbsp;<i class="fa fa-shield text-analyst2 mb4" title="Security Expert"></i></td> <td>2017, 2016, 2015</td></tr> <tr><td style="white-space: pre;"><a href="http://ibsgroup.io/" rel="noopener nofollow">IBS Group</a> <i class="fa fa-shield text-analyst" title="Security Analyst" data-bs-original-title="Security Analyst"></i></td><td>2019, 2018, 2017, 2015</td></tr> <tr><td>Naglis Jonaitis <i class="fa fa-shield text-analyst" title="Security Analyst" data-bs-original-title="Security Analyst"></i><br/></td><td>2018, 2017, 2016, 2015</td></tr> <tr><td class="text-nowrap"><a href="https://github.com/sswapnesh" rel="noopener nofollow">Swapnesh Shah</a> <i class="fa fa-shield text-analyst" title="Security Analyst" data-bs-original-title="Security Analyst"></i></td><td>2019, 2018</td></tr> <tr><td class="text-nowrap">Ondřej Kuzník <i class="fa fa-shield text-analyst" title="Security Analyst" data-bs-original-title="Security Analyst"></i></td><td>2017, 2016, 2015</td></tr> <tr><td class="text-nowrap"><a href="https://github.com/lebr0nli" rel="noopener nofollow" class="text-nowrap" title="lebr0nli (Alan Li), working with DEVCORE Internship Program">lebr0nli (Alan Li)</a>&nbsp;<i class="fa fa-shield text-enthusiast" title="Security Enthusiast"></i></td><td>2024</td></tr> <tr><td class="text-nowrap">Elliot&nbsp;Ward&nbsp;<i class="fa fa-shield text-enthusiast" title="Security Enthusiast"></i></td><td>2024, 2023</td></tr> <tr><td class="text-nowrap">Florent&nbsp;Mirieu&nbsp;de&nbsp;Labarre&nbsp;<i class="fa fa-shield text-enthusiast" title="Security Enthusiast"></i></td><td>2019, 2018</td></tr> <tr><td>Alexandre Moens <i class="fa fa-shield text-enthusiast" title="Security Enthusiast"></i></td><td>2023, 2021</td></tr> <tr><td><a href="https://twitter.com/sushiwushi2" rel="noopener nofollow">iamsushi</a> <i class="fa fa-shield text-enthusiast" title="Security Enthusiast" data-bs-original-title="Security Analyst"></i></td><td>2021, 2019</td></tr> <tr><td><a href="https://www.linkedin.com/in/rafi-shapiro" rel="noopener nofollow">Rafi Shapiro</a></td><td>2023</td></tr> <tr><td><a href="https://github.com/tardo" rel="noopener nofollow">Alexandre Díaz</a></td><td>2021, 2020</td></tr> <tr><td><a href="https://twitter.com/yenthe666" rel="nofollow">Yenthe Van Ginneken</a></td><td>2019, 2018</td></tr> <tr><td><a href="https://www.linkedin.com/in/fbpatel" rel="nofollow noopener">Bhavin Fadadu</a></td><td>2023</td></tr> <tr><td><a href="https://www.linkedin.com/in/niyas-raphy-2a9001139/" rel="nofollow noopener">Niyas Raphy</a></td><td>2022</td></tr> <tr><td><a href="https://www.linkedin.com/in/rifat-al-jubayer" rel="noopener nofollow">Rifat Al Jubayer</a></td><td>2022</td></tr> <tr><td>Andreas Perhab <br/><a href="https://www.wt-io-it.at/" rel="noopener nofollow">(WT-IO-IT GmbH)</a></td><td>2021</td></tr> <tr><td>Parth Gajjar</td><td>2021</td></tr> <tr><td>Theodoros Malachias</td><td>2021</td></tr> <tr><td>Ranjit Pahan</td><td>2021</td></tr> <tr><td>Iago Ruiz</td><td>2021</td></tr> <tr><td>Johannes Moritz (Cure53)</td><td>2021</td></tr> <tr><td><a href="https://www.linkedin.com/in/moezhemani/" rel="noopener nofollow">Moez Hemani</a></td><td>2021</td></tr> <tr><td><a href="https://linkedin.com/in/loctv" rel="noopener nofollow">Loc Truong</a></td><td>2020</td></tr> <tr><td><a href="https://www.linkedin.com/in/damien-lescos" rel="noopener nofollow">Damien LESCOS</a></td><td>2020</td></tr> <tr><td><a href="https://twitter.com/jattyboys1996" rel="noopener nofollow">Santosh Kumar Sha</a></td><td>2020</td></tr> <tr><td><a href="https://twitter.com/ksanchez_cld" rel="nofollow noopener">Kennedy Sanchez</a></td><td>2020</td></tr> <tr><td><a href="https://www.huntr.dev/users/Anon-Artist/" rel="nofollow noopener">Abhiram V</a></td><td>2020</td></tr> <tr><td>Christopher Riis Bubeck Eriksen</td><td>2020</td></tr> <tr><td>"Raspina Net Pars Group"</td><td>2020</td></tr> <tr><td>Alessandro Innocenti</td><td>2020</td></tr> <tr><td>Holger Brunn<br/> (<a href="https://hunki-enterprises.com" rel="noopener nofollow">Hunki Enterprises BV</a>) </td> <td>2019</td></tr> <tr><td><a href="https://github.com/MaioSource" rel="noopener nofollow">Agustín Ezequiel Maio</a></td><td>2019</td></tr> <tr><td>Emre Övünç</td><td>2019</td></tr> <tr><td class="text-nowrap">Lauri Vakkala (Silverskin)</td><td>2019</td></tr> <tr><td class="text-nowrap">P. Valov (SoCyber)</td><td>2019</td></tr> <tr><td class="text-nowrap">Nathanael ROTA (Capgemini)</td><td>2019</td></tr> <tr><td class="text-nowrap">Tomas Canzoniero</td><td>2019</td></tr> <tr><td>Subash SN (Appsecco)</td><td>2019</td></tr> <tr><td>Bharath Kumar (Appsecco)</td><td>2019</td></tr> <tr><td>Dipanshu Agrawal</td><td>2019</td></tr> <tr><td>Anıl Yüksel</td><td>2019</td></tr> <tr><td>Aitor Fuentes (kr0no)</td><td>2019</td></tr> <tr><td>Erwin van der Ploeg <a href="https://odooexperts.nl" rel="noopener nofollow">(Odoo Experts)</a></td><td>2018</td></tr> <tr><td>Benoît Chenal (Excellium-services – Application Security)</td><td>2018</td></tr> <tr><td>Adan Álvarez (A2secure)</td><td>2018</td></tr> <tr><td>Bharath Kumar (Appsecco)</td><td>2018</td></tr> <tr><td>Subash SN (Appsecco)</td><td>2018</td></tr> <tr><td><a href="https://twitter.com/sbidoul" rel="noopener nofollow">Stéphane&nbsp;Bidoul</a> (ACSONE)</td><td>2018</td></tr> <tr><td><a href="https://www.linkedin.com/in/mehmetuncer" rel="noopener nofollow">Mehmet&nbsp;Tuncer</a></td><td>2018</td></tr> <tr><td><a href="https://twitter.com/hmatosrodrigues" rel="noopener nofollow">Hugo&nbsp;Rodrigues</a></td><td>2018</td></tr> <tr><td><a href="https://github.com/moylop260" rel="noopener nofollow">Moises Lopez</a></td><td>2018</td></tr> <tr><td style="white-space: nowrap;"><a href="https://github.com/carlosdauden" rel="noopener nofollow">Carlos&nbsp;Daudén</a>,<br/><a href="https://www.tecnativa.com/" rel="nofollow">Tecnativa S.L.</a></td><td>2018 </td></tr> <tr><td>Andrew Grasso <br/>(Logic Supply)</td><td>2017</td></tr> <tr><td>Juba Baghdad</td><td>2017</td></tr><tr><td>Prakash Dhatti</td><td>2017</td></tr> <tr><td style="white-space: nowrap"><a href="https://twitter.com/jubabaghdad" rel="noopener nofollow">JubaBaghdad</a></td><td>2017</td></tr> <tr><td>Romain E Silva (Sysdream)</td><td>2017</td></tr> <tr><td>Adel Nettar (Sysdream)</td><td>2017</td></tr> <tr><td>Azizul Hakim</td><td>2017</td></tr> <tr><td style="white-space: nowrap">"Ayrx" via <a href="https://twitter.com/securiteam_ssd" rel="noopener nofollow" target="_blank">SSD</a></td><td>2017</td></tr> <tr><td style="white-space: nowrap;"><a href="https://www.twitter.com/wtaferner" rel="noopener nofollow">Wolfgang Taferner</a><br/><a href="https://www.wt-io-it.at/" rel="nofollow">(WT-IO-IT GmbH)</a></td><td>2017</td></tr> <tr><td><a href="https://twitter.com/sxcurity" rel="noopener nofollow">Corben Leo</a></td><td>2017</td></tr> <tr><td>Cameron Dawe</td><td>2016</td></tr> <tr><td><a href="https://twitter.com/xavieralt" rel="noopener nofollow">Xavier Alt</a></td><td>2016</td></tr> <tr><td>Vibhuti Ranjan Vidyarshy Nath</td><td>2016</td></tr> <tr><td>Mohammad Alhashash<br/></td><td>2016</td></tr> <tr><td>Nagaraju Repala<br/></td><td>2016</td></tr> <tr><td><a href="https://twitter.com/lepistone" rel="noopener nofollow">Leonardo Pistone</a> (Camptocamp France)</td><td>2015</td></tr> <tr><td>Mohamed Khaled Fathy</td><td>2015</td></tr> <tr><td>Dipak Kumar Das</td><td>2015</td></tr> <tr><td><a href="https://twitter.com/pcatinean" rel="noopener nofollow">Paul Catinean</a></td><td>2015</td></tr> <tr><td>Muhammed Gamal Fahmy</td><td>2015</td></tr> <tr><td>Openinside Co.</td><td>2015</td></tr> <tr><td>ONESTEiN / Glasswall </td><td>2015</td></tr> <tr><td>Sven Schleier, KPMG Management Consulting, SG</td><td>2015</td></tr> <tr><td>Ondřej Kuzník &amp; Craig Gowing, credativ Ltd</td><td>2015</td></tr> <tr><td>Daniel Lawson</td><td>2014</td></tr> <tr><td>"diesenfranz"</td><td>2014</td></tr> <tr><td><a href="https://twitter.com/noteed" rel="nofollow noopener">Vo Minh Thu</a></td><td>2013</td></tr> <tr id="sp_thanks"> <td><a href="https://twitter.com/b_ike" rel="nofollow noopener">Bastian Ike</a></td><td>2013</td></tr> </tbody> </table> <p class="mt32 mb8"></p><h5>- Special Thanks -<br/></h5> The Security Team would also like to thank the following individuals for their contributions to improve the security of Odoo users (in alphabetical order): <div style="padding-left: 5px" class="mt-2"> <i> Aaron Devaney, <a href="https://www.linkedin.com/in/abhishek-venkata" rel="nofollow noopener">Abhishek Venkat</a>, Ahsan Khan, <a href="https://twitter.com/0xtakemyhand" rel="nofollow noopener">Ameya Darshan</a>, Caleb Kinney, Cédric Krier, Christophe Hanon, Deepali Malekar, <a href="https://twitter.com/__fazal" rel="nofollow noopener">Fazal Ur Rahman</a>, <a href="https://www.linkedin.com/in/flo-van-der-vlist/" rel="nofollow noopener">Flo van der Vlist</a>, Huzaifa Jawaid, <a href="https://www.linkedin.com/in/ismailtasdelen/" rel="nofollow noopener">Ismail Tasdelen</a>, Ivan Yelizariev, <a href="https://github.com/Yajo" rel="nofollow noopener">Jairo Llopis</a>, <a href="https://www.linkedin.com/in/khanjanny/" rel="nofollow noopener">Khan Janny</a>, Leonardo "LeartS" Donelli, Mohammed Israil, <a href="https://www.linkedin.com/in/mohamed-karara/" rel="nofollow noopener">Mohamed Karara</a>, <a href="https://www.linkedin.com/in/niyas-raphy-2a9001139/" rel="nofollow noopener">Niyas Raphy</a>, Riccardo Ancarani, <a href="https://www.linkedin.com/in/saddam-maniyar-854857126" rel="nofollow noopener">Saddam Maniyar</a>, <a href="http://twitter.com/sameerphad72" rel="nofollow noopener">Sameer Phad</a>, Sébastien Versailles, "St00rm N00b", Suyog Palav, Tarun Manhor- Abhaychandra Chede, <a href="https://www.linkedin.com/in/tayler-porter-b9195b230" rel="nofollow noopener">Tayler Porter</a>, Ye Yint Min Thu Htut, Ziaur Rashid </i> </div> <div id="bottom">&nbsp;</div> </div> </div> </div> </div> </div> </section> </div> <div id="o_shared_blocks" class="oe_unremovable"></div> </main> <footer id="bottom" data-anchor="true" data-name="Footer" class="o_footer o_colored_level o_cc o_footer_slideout"> <div id="footer" class="container o_not_editable "> <span class="o_logo o_logo_inverse d-block mx-auto o_footer_logo my-5"></span> <div class="row"> <div class="col-12 col-lg-7 col-xl-6"> <div class="row"> <div class="col-12 col-md-4 mb-3 mb-md-0"> <div class="row"> <div class="col-6 col-md-12"> <span class="o_footer_title">Спільнота</span> <ul class="o_footer_links list-unstyled"> <li><a href="/uk_UA/slides/all/tag/odoo-tutorials-9">Навчальний посібник</a></li> <li><a href="/uk_UA/page/docs">Документація</a></li> <li><a href="/uk_UA/forum/help-1">Форум</a></li> </ul> </div> <div class="col-6 col-md-12"> <span class="o_footer_title">Open Source</span> <ul class="o_footer_links list-unstyled"> <li><a href="/uk_UA/page/download">Завантаження</a></li> <li class="divider"></li> <li><a href="https://github.com/odoo/odoo">Github</a></li> <li><a href="https://runbot.odoo.com/">Runbot</a></li> <li><a href="https://github.com/odoo/odoo/wiki/Translations">Переклади</a></li> </ul> </div> </div> </div> <div class="col-6 col-md-4"> <span class="o_footer_title">Послуги</span> <ul class="o_footer_links list-unstyled"> <li><a href="https://www.odoo.sh">Хостинг Odoo.sh</a></li> <li class="divider"></li> <li><a href="/uk_UA/help">Підтримка</a></li> <li><a href="https://upgrade.odoo.com">Оновлення</a></li> <li><a href="/uk_UA/page/developers-on-demand">Спеціальні Розробки</a></li> <li><a href="/uk_UA/education/program">Навчання</a></li> <li class="divider"></li> <li><a href="/uk_UA/accounting-firms">Знайдіть бухгалтера</a></li> <li class="divider"></li> <li><a href="/uk_UA/partners">Знайдіть партнера</a></li> <li><a href="/uk_UA/become-a-partner">Стати партнером</a></li> </ul> </div> <div class="col-6 col-md-4 mb-4"> <span class="o_footer_title">Про нас</span> <ul class="o_footer_links list-unstyled"> <li><a href="/uk_UA/page/about-us">Наша компанія</a></li> <li><a href="/uk_UA/page/brand-assets">Торгові активи</a></li> <li><a href="/uk_UA/contactus">Зв'яжіться з нами</a></li> <li><a href="/uk_UA/jobs">Вакансії</a></li> <li class="divider"></li> <li><a href="/uk_UA/events">Події</a></li> <li><a href="//podcast.odoo.com">Подкаст</a></li> <li><a href="/uk_UA/blog">Блог</a></li> <li><a href="/uk_UA/blog/6">Клієнти</a></li> <li class="divider"></li> <li><a href="/uk_UA/legal">Юридичні документи</a> <span class="small text-muted">•</span> <a href="/uk_UA/privacy">Конфіденційність</a></li> <li><a href="/uk_UA/security">Безпека</a></li> </ul> </div> </div> </div> <div class="col-12 col-lg-5 col-xl-5 offset-xl-1"> <div class="d-flex align-items-center justify-content-between"> <div class="js_language_selector o_language_selector dropdown d-print-none"> <button type="button" data-bs-toggle="dropdown" aria-haspopup="true" aria-expanded="true" class="border-0 dropdown-toggle btn btn-sm btn-outline-secondary"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/ua.png?height=25" alt="" loading="lazy"/> <span class=""> українська</span> </button> <div role="menu" class="dropdown-menu "> <a class="dropdown-item js_change_lang " role="menuitem" href="/ar/security-report" data-url_code="ar" title=" الْعَرَبيّة"> <img class="o_lang_flag " src="https://odoocdn.com/web/image/res.lang/23/flag_image?height=25" alt="" loading="lazy"/> <span class=""> الْعَرَبيّة</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/ca_ES/security-report" data-url_code="ca_ES" title=" Català"> <img class="o_lang_flag " src="https://odoocdn.com/web/image/res.lang/30/flag_image?height=25" alt="" loading="lazy"/> <span class=""> Català</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/zh_CN/security-report" data-url_code="zh_CN" title=" 简体中文"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/cn.png?height=25" alt="" loading="lazy"/> <span class=""> 简体中文</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/zh_TW/security-report" data-url_code="zh_TW" title=" 繁體中文"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/tw.png?height=25" alt="" loading="lazy"/> <span class=""> 繁體中文</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/cs_CZ/security-report" data-url_code="cs_CZ" title=" Čeština"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/cz.png?height=25" alt="" loading="lazy"/> <span class=""> Čeština</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/nl_NL/security-report" data-url_code="nl_NL" title=" Nederlands"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/nl.png?height=25" alt="" loading="lazy"/> <span class=""> Nederlands</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/security-report" data-url_code="en_US" title="English"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/us.png?height=25" alt="" loading="lazy"/> <span class="">English</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/fi_FI/security-report" data-url_code="fi_FI" title=" Suomi"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/fi.png?height=25" alt="" loading="lazy"/> <span class=""> Suomi</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/fr_FR/security-report" data-url_code="fr_FR" title=" Français"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/fr.png?height=25" alt="" loading="lazy"/> <span class=""> Français</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/de_DE/security-report" data-url_code="de_DE" title=" Deutsch"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/de.png?height=25" alt="" loading="lazy"/> <span class=""> Deutsch</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/id_ID/security-report" data-url_code="id_ID" title=" Bahasa Indonesia"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/id.png?height=25" alt="" loading="lazy"/> <span class=""> Bahasa Indonesia</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/it_IT/security-report" data-url_code="it_IT" title=" Italiano"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/it.png?height=25" alt="" loading="lazy"/> <span class=""> Italiano</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/ja_JP/security-report" data-url_code="ja_JP" title=" 日本語"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/jp.png?height=25" alt="" loading="lazy"/> <span class=""> 日本語</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/ko_KR/security-report" data-url_code="ko_KR" title=" 한국어 (KR)"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/kr.png?height=25" alt="" loading="lazy"/> <span class=""> 한국어 (KR)</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/lt_LT/security-report" data-url_code="lt_LT" title=" Lietuvių kalba"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/lt.png?height=25" alt="" loading="lazy"/> <span class=""> Lietuvių kalba</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/pl_PL/security-report" data-url_code="pl_PL" title=" Język polski"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/pl.png?height=25" alt="" loading="lazy"/> <span class=""> Język polski</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/pt_BR/security-report" data-url_code="pt_BR" title=" Português (BR)"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/br.png?height=25" alt="" loading="lazy"/> <span class=""> Português (BR)</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/ro_RO/security-report" data-url_code="ro_RO" title=" română"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/ro.png?height=25" alt="" loading="lazy"/> <span class=""> română</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/ru_RU/security-report" data-url_code="ru_RU" title=" русский язык"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/ru.png?height=25" alt="" loading="lazy"/> <span class=""> русский язык</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/sk_SK/security-report" data-url_code="sk_SK" title=" Slovenský jazyk"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/sk.png?height=25" alt="" loading="lazy"/> <span class=""> Slovenský jazyk</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/sl_SI/security-report" data-url_code="sl_SI" title=" slovenščina"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/si.png?height=25" alt="" loading="lazy"/> <span class=""> slovenščina</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/es/security-report" data-url_code="es" title=" Español (América Latina)"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/419.png?height=25" alt="" loading="lazy"/> <span class=""> Español (América Latina)</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/es_ES/security-report" data-url_code="es_ES" title=" Español"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/es.png?height=25" alt="" loading="lazy"/> <span class=""> Español</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/th_TH/security-report" data-url_code="th_TH" title=" ภาษาไทย"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/th.png?height=25" alt="" loading="lazy"/> <span class=""> ภาษาไทย</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/tr_TR/security-report" data-url_code="tr_TR" title=" Türkçe"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/tr.png?height=25" alt="" loading="lazy"/> <span class=""> Türkçe</span> </a> <a class="dropdown-item js_change_lang active" role="menuitem" href="/uk_UA/security-report" data-url_code="uk_UA" title=" українська"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/ua.png?height=25" alt="" loading="lazy"/> <span class=""> українська</span> </a> <a class="dropdown-item js_change_lang " role="menuitem" href="/vi_VN/security-report" data-url_code="vi_VN" title=" Tiếng Việt"> <img class="o_lang_flag " src="https://odoocdn.com/base/static/img/country_flags/vn.png?height=25" alt="" loading="lazy"/> <span class=""> Tiếng Việt</span> </a> </div> </div> </div> <hr class="mt-3 mb-4"/> <p class="small text-muted">Odoo - це набір програм для роботи з відкритим кодом, які охоплюють всі ваші потреби компанії: CRM, електронна комерція, бухгалтерський облік, склад, точка продажу, управління проектами тощо.</p> <p class="small text-muted mb-4">Унікальна пропозиція Odoo - це одночасно дуже проста у використанні та повністю інтегрована.</p> <div class="o_footer_social_media mb-4"> <a target="_blank" href="https://www.facebook.com/odoo" class="me-3"><i class="fa fa-fw fa-facebook"></i></a> <a target="_blank" href="https://twitter.com/Odoo" class="me-3"><i class="fa fa-fw fa-twitter"></i></a> <a target="_blank" href="https://www.linkedin.com/company/odoo" class="me-3"><i class="fa fa-fw fa-linkedin"></i></a> <a target="_blank" href="https://github.com/odoo/odoo" class="me-3"><i class="fa fa-fw fa-github"></i></a> <a target="_blank" href="https://www.instagram.com/odoo.official" class="me-3"><i class="fa fa-fw fa-instagram"></i></a> <a target="_blank" href="https://www.tiktok.com/@odoo" class="me-3"><i class="fa fa-fw fa-tiktok"></i></a> <a target="_blank" class="me-3" href="tel:+3222903490"><i class="fa fa-fw fa-phone"></i></a> <a target="_blank" href="https://wa.me/85264491993"><i class="fa fa-fw fa-whatsapp"></i></a> </div> </div> </div> </div> <div class="o_footer_copyright o_not_editable"> <div class="container py-3 text-center"> <a class="small" href="/uk_UA/app/website">Website made with <span class="o_logo o_logo_inverse o_logo_15"></span></a> </div> </div> </footer> </div> <div id="o_live_modal" class="modal fade" tabindex="-1" role="dialog" contentEditable="false"> <div class="modal-dialog"> <div class="modal-content"> <div class="modal-header"> <h3 class="mt-1"><b>Odoo Experience</b> on YouTube</h3> <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Закрити"><span title="Close" class="fa fa-times"></span></button> <p class="text-black"> <b>1.</b> Use the live chat to ask your questions.<br/> <b>2.</b> The operator answers within a few minutes. </p> </div> <div class="modal-body bg-200"> <img src="https://odoocdn.com/openerp_website/static/src/img/2016/live-support/info.gif" class="img img-fluid" alt="Live support on Youtube" loading="lazy"/> </div> <div class="modal-footer"> <a class="btn btn-primary btn-lg" target="_blank" href="https://www.odoo.com/event/odoo-experience-2024-4662/track">Watch now<i class="fa fa-1x fa-long-arrow-right ml8"></i></a> </div> </div> </div> </div> </body> </html>