Описание
Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| tryton-server | fixed | 7.0.40-1 | package | |
| tryton-server | not-affected | bullseye | package |
Примечания
https://discuss.tryton.org/t/security-release-for-issue-14364/8952
https://foss.heptapod.net/tryton/tryton/-/issues/14364
EPSS
Процентиль: 16%
0.0005
Низкий
Связанные уязвимости
CVSS3: 7.1
ubuntu
4 месяца назад
Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.
CVSS3: 7.1
nvd
4 месяца назад
Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.
CVSS3: 7.1
github
4 месяца назад
trytond does not enforce access rights for the route of the HTML editor.
EPSS
Процентиль: 16%
0.0005
Низкий