Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:3854
HistoryApr 06, 2017 - 8:23 a.m.

Arbitrary File Read

2017-04-0608:23:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5

EPSS

0.002

Percentile

54.2%

Trytond is vulnerable to arbitrary file reads. Remote authenticated users are able to read files through a root name with a different suffix. This vulnerability exists because of an incomplete fix for CVE-2016-1242.