cvedb.io
CVE-2022-26661
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2022-03-10T17:47:52.213 · Last modified 2026-06-17T04:35:36.500

Summary

An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system.

Affected products

tryton — proteus

Does this affect you?

Add your gear to cvedb and we'll alert you only when tryton ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.