High severityNVD Advisory· Published Nov 30, 2025· Updated Dec 1, 2025
CVE-2025-66423
CVE-2025-66423
Description
Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
trytondPyPI | >= 7.5.0, < 7.6.11 | 7.6.11 |
trytondPyPI | >= 7.1.0, < 7.4.21 | 7.4.21 |
trytondPyPI | >= 7.0.0, < 7.0.40 | 7.0.40 |
trytondPyPI | >= 6.0.0, < 6.0.70 | 6.0.70 |
Affected products
2Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.