
Abdulfatah Abdillahi has found that sao does not escape the completion values. The content of completion is generally the record name, which may be edited in many ways depending on the model. The content may include some JavaScript which is executed in the same context as sao, which gives access to sensitive data such as the session.

Impact
CVSS v3.0 Base Score: 7.3
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: None

Workaround
There is no general workaround.

Resolution
All affected users should upgrade sao to the latest version.
Affected versions per series:
Non affected versions per series:

Reference

Concerns?
Any security concerns should be reported on the bug-tracker at https://bugs.tryton.org/ with the confidential checkbox checked.
sao (Tryton's web client) does not escape completion values. Completion content is generally the record name and can be edited in various ways depending on the model, so it is user-controlled data. Completion content may therefore include JavaScript that is executed in the same context as sao, which can expose sensitive data such as the session. The vulnerability has a CVSS v3.0 base score of 7.3: network attack vector, low attack complexity, low privileges required, user interaction required, unchanged scope, high confidentiality and integrity impact, and no availability impact. There is no general workaround. All affected users should upgrade sao to the latest version.
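The escaping gap described above, as an added example that is not sao's code: a completion list built by string concatenation from record names, first without escaping (the vulnerable pattern) and then with every name HTML-escaped before it enters the markup. The record names and the rendering functions are constructed for illustration and assume nothing about sao's internals.

```javascript
// Added example (not sao's code): building a completion dropdown from record
// names. Record names are user-controlled data, so any HTML assembled from
// them must escape the names; the safe variant does, the unsafe one does not.
// The record names below are constructed sample data.

// Escape the five HTML-significant characters so a name renders as text.
function escapeHtml(value) {
  return String(value)
    .replace(/&/g, '&amp;')
    .replace(/</g, '&lt;')
    .replace(/>/g, '&gt;')
    .replace(/"/g, '&quot;')
    .replace(/'/g, '&#39;');
}

// Vulnerable pattern: record names are interpolated into markup verbatim, so
// a name that contains tags becomes live HTML once assigned via innerHTML.
function renderCompletionUnsafe(names) {
  return '<ul class="completion">' +
    names.map(name => '<li>' + name + '</li>').join('') +
    '</ul>';
}

// Hardened pattern: every record name is escaped before it enters the markup.
function renderCompletionSafe(names) {
  return '<ul class="completion">' +
    names.map(name => '<li>' + escapeHtml(name) + '</li>').join('') +
    '</ul>';
}

// Detection helper: true when the markup contains no tags other than the
// <ul>/<li> wrapper the renderer itself emits (i.e. nothing leaked in from a name).
function containsOnlyListTags(html) {
  const tags = html.match(/<\/?[a-zA-Z][^>]*>/g) || [];
  return tags.every(t => /^<\/?(ul|li)\b/.test(t));
}

// Constructed sample: one ordinary name and one that carries markup.
const sampleNames = ['Smith & Sons', 'Acme <b>Ltd</b>'];

// Where a DOM is available, the stronger fix is to avoid HTML strings entirely:
// create each <li> with document.createElement and set the name via textContent.
```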
Read at Tryton Discussion