2 matches found
CVE-2022-26662
CVE-2022-26662 describes an XML Entity Expansion (XEE) vulnerability in Tryton Application Platform (Server) and Proteus, allowing an unauthenticated attacker to send crafted XML-RPC to exhaust server resources. Affected ranges include Tryton Server 5.x up through 5.0.45, 6.x up through 6.0.15, 6...
CVE-2022-26661
CVE-2022-26661 is an XXE vulnerability in Tryton Application Platform (Server) and its proteus CLI client. The issue allows an authenticated user to have the server parse a crafted XML SEPA file to access arbitrary files on the system. Affected families include Tryton Server (5.x up to 5.0.45; 6....