CVE-2025-66423: Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.…

November 30, 2025 • Source: NVD (API)

Tryton trytond 6.0 before 7.6.11 has an access control vulnerability (CVE-2025-66423) in the HTML editor route, allowing unauthorized access.

Tryton trytond 6.0 before 7.6.11 does not enforce access rights for the route of the HTML editor. This is fixed in 7.6.11, 7.4.21, 7.0.40, and 6.0.70.

Related CVEs

CVE-2025-66423

This article is best viewed with JavaScript enabled. Visit: https://10alert.com/article/cve-2025-66423-tryton-trytond-60-before-7611-does-not-enforce-access-rig-9cefd755