
392 matches found

Fedora
added 2026/01/09 5:21 p.m., 9 views

[SECURITY] Fedora 43 Update: seamonkey-2.53.23-1.fc43

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

AI score: 6.8
Exploits: 0
Veracode
added 2025/12/13 5:12 a.m., 2 views

Unrestricted File Upload

dnn.platform is vulnerable to Unrestricted File Upload. The vulnerability is due to the default HTML editor provider allowing unauthenticated file uploads and overwriting of existing files, which allows an attacker to upload malicious files, deface the website, and potentially inject XSS payloads...

CVSS: 10 | AI score: 5.8 | EPSS: 0.20172
Exploits: 3 | References: 3 | Affected Software: 1
Packet Storm
added 2025/12/08 12:0 a.m., 180 views

📄 DNN Platform Pre‑10.1.1 Arbitrary File Upload

DNN Platform version Pre‑10.1.1 suffers from an unauthenticated arbitrary file upload vulnerability. This software was formerly known as DotNetNuke...

CVSS: 10 | AI score: 7.4 | EPSS: 0.20172
Exploits: 3
Tenable Nessus
added 2025/12/02 12:0 a.m., 1 views

Linux Distros Unpatched Vulnerability : CVE-2025-66423

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | AI score: 6 | EPSS: 0.00043
Exploits: 1 | References: 2
Snyk
added 2025/11/30 3:39 a.m., 2 views

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization in the HTML editor route. An attacker can gain unauthorized access to sensitive information and user metadata by sending crafted requests to the affected endpoint. Remediation Upgrade trytond to version 6.0.70,...

CVSS: 7.1 | AI score: 6.5 | EPSS: 0.00043
Exploits: 1 | References: 2
EUVD
added 2025/11/30 3:30 a.m., 1 views

EUVD-2025-199918

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | AI score: 6.2 | EPSS: 0.00043
Exploits: 1 | References: 3
OSV
added 2025/11/30 3:30 a.m., 3 views

GHSA-P3P5-XRMV-4J6X trytond does not enforce access rights for the route of the HTML editor.

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | AI score: 6.6 | EPSS: 0.00043
Exploits: 1 | References: 4
Github Security Blog
added 2025/11/30 3:30 a.m., 4 views

trytond does not enforce access rights for the route of the HTML editor.

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | AI score: 6.7 | EPSS: 0.00043
Exploits: 1 | References: 4 | Affected Software: 1
OSV
added 2025/11/30 3:15 a.m., 0 views

CVE-2025-66423

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | AI score: 5.8
Exploits: 0 | References: 2
NVD
added 2025/11/30 3:15 a.m., 3 views

CVE-2025-66423

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | EPSS: 0.00043
Exploits: 1 | References: 2
OSV
added 2025/11/30 3:15 a.m., 2 views

UBUNTU-CVE-2025-66423

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | AI score: 5.8 | EPSS: 0.00043
Exploits: 1 | References: 4
Vulnrichment
added 2025/11/30 12:0 a.m., 1 views

CVE-2025-66423

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | AI score: 6.1 | EPSS: 0.00043
Exploits: 1 | References: 2
CVE
added 2025/11/30 12:0 a.m., 13 views

CVE-2025-66423

CVE-2025-66423 affects Tryton’s Trytond server, specifically 6.0 before 7.6.11. The root cause is that the HTML editor route did not enforce access rights, allowing unauthorized access as described in multiple sources. The vulnerability is fixed in versions 7.6.11, 7.4.21, 7.0.40, and 6.0.70. Acc...

CVSS: 7.1 | AI score: 6.3 | EPSS: 0.00043
Exploits: 1 | References: 2 | Affected Software: 1
Debian CVE
added 2025/11/30 12:0 a.m., 5 views

CVE-2025-66423

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | AI score: 5.2 | EPSS: 0.00043
Exploits: 1
Cvelist
added 2025/11/30 12:0 a.m., 4 views

CVE-2025-66423

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70...

CVSS: 7.1 | EPSS: 0.00043
Exploits: 1 | References: 2
VulnCheck KEV
added 2025/11/27 12:0 a.m., 1 views

VulnCheck KEV: CVE-2025-64095

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to 10.1.1, the default HTML editor provider allows unauthenticated file uploads and images can overwrite existing files. An unauthenticated user can upload and replace existing files...

CVSS: 10 | AI score: 5.8 | EPSS: 0.20172
In wild | Exploits: 3 | References: 29
Fedora
added 2025/11/14 12:56 a.m., 8 views

[SECURITY] Fedora 42 Update: seamonkey-2.53.22-1.fc42

SeaMonkey is an all-in-one Internet application suite previously made popular by Netscape and Mozilla. It includes an Internet browser, advanced e-mail, newsgroup and feed client, a calendar, IRC client, HTML editor and a tool to inspect the DOM for web pages. It is derived from the application...

AI score: 6.8
Exploits: 0
Tenable Nessus
added 2025/11/10 12:0 a.m., 4 views

DotNetNuke < 10.1.1 Unrestricted File Upload

DotNetNuke CMS versions prior to 10.1.1 are affected by an unrestricted file upload vulnerability due to improper validation of uploaded files in the default HTML editor provider. This vulnerability allows unauthenticated users to upload files without proper restrictions, potentially leading to...

CVSS: 10 | AI score: 6.2 | EPSS: 0.20172
Exploits: 3 | References: 3
Hacker One
added 2025/11/06 11:53 a.m., 9 views

U.S. Dept Of Defense: DNN - Unrestricted Arbitrary File Upload #████████

A vulnerability was discovered in versions of DNN (formerly DotNetNuke) prior to 10.1.1. The vulnerability was caused by the default HTML editor provider allowing unauthenticated file uploads and overwriting of existing files. This could have led to website defacement and cross-site scripting attac...

CVSS: 10 | AI score: 6.2 | EPSS: 0.20172
Exploits: 3
EUVD
added 2025/10/29 9:44 p.m., 1 views

EUVD-2025-36566

DNN CKEditor Provider allows unauthenticated upload out-of-the-box...

CVSS: 4.3 | AI score: 6.6 | EPSS: 0.00111
Exploits: 0 | References: 3