Vulnerabilidades em tryton
7 resultadosCVE-2012-2238—trytond 2.4: ModelView.button fails to validate authorizationEPSS 1.8%CVE-2020-37014MEDIUMTryton 5.4 - Persistent Cross-Site ScriptingEPSS 0.3%CVE-2025-66422MEDIUMTryton trytond before 7.6.11 allows remote attackers to obtain sensitive trace-back (server setup) information. This is fixed in 7.6.11, 7.4EPSS 0.2%CVE-2025-66424MEDIUMTryton trytond 6.0 before 7.6.11 does not enforce access rights for data export. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.EPSS 0.2%CVE-2025-66423HIGHTryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, aEPSS 0.2%CVE-2025-66420MEDIUMTryton sao (aka tryton-sao) before 7.6.9 allows XSS via an HTML attachment. This is fixed in 7.6.9, 7.4.19, 7.0.38, and 6.0.67.EPSS 0.1%CVE-2025-66421MEDIUMTryton sao (aka tryton-sao) before 7.6.11 allows XSS because it does not escape completion values. This is fixed in 7.6.11, 7.4.21, 7.0.40, EPSS 0.1%