📦 Trytond

This vulnerability allows unauthorized access to the HTML editor route in Tryton trytond due to missing access rights enforcement. Attackers could potentially modify or inject malicious content throug...

This CVE describes an XML Entity Expansion (XEE) vulnerability in Tryton Application Platform that allows unauthenticated attackers to send crafted XML-RPC messages to consume all server resources. Th...

Tryton trytond versions before 7.6.11, 7.4.21, 7.0.40, and 6.0.70 fail to enforce access controls during data export operations. This allows authenticated users to export data they shouldn't have perm...

This vulnerability in Tryton's trytond server allows remote attackers to obtain sensitive trace-back information that reveals server setup details. It affects all Tryton installations running vulnerab...