CNNVD-202511-3075 Information

CNNVD ID

CNNVD-202511-3075

Related CVE

CVE-2025-66420

• CNNVD Published: 2025-11-30

Description (Chinese)

Tryton sao是Tryton开源的一个通用应用平台的Web客户端。 Tryton sao 7.6.9之前版本存在跨站脚本漏洞，该漏洞源于HTML附件可能导致跨站脚本攻击。

Description (English)

Tryton sao is a Web client for a common application platform for Tryton. The pre-Tryton sao 7.6.9 version has a cross-site script loophole, which stems from the fact that an HTML attachment could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

跨站脚本

Affected Vendor

tryton

Published

2025-11-30

Last Modified

2026-02-24

References

https://foss.heptapod.net/tryton/tryton/-/issues/14290 https://discuss.tryton.org/t/security-release-for-issue-14290/8895 https://access.redhat.com/security/cve/cve-2025-66420

Patch

https://www.tryton.org/download