model/modelstorage.py in trytond 3.2.x prior to 3.2.10, 3.4.x prior to 3.4.8, 3.6.x prior to 3.6.5, and 3.8.x prior to 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
tryton trytond |
||
debian debian linux 8.0 |