Arbitrary File Read Vulnerability in Tryton

Arbitrary File Read Vulnerability in Tryton

CVE-2016-1242 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.

Learn more about our User Device Pen Test.