CVE-2025-66423

CVSS 7.1 HIGHEPSS 0.2%CWE-863

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Productos afectados

Tryton · trytond

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://discuss.tryton.org/t/security-release-for-issue-14364/8952 https://foss.heptapod.net/tryton/tryton/-/issues/14364