An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server.
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-03-07T22:40:00

Updated: 2022-03-11T14:06:18

Reserved: 2022-03-07T00:00:00


Link: CVE-2022-26662

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-03-10T17:47:52.560

Modified: 2022-03-18T15:07:58.183


Link: CVE-2022-26662

JSON object: View

cve-icon Redhat Information

No data.

CWE