CVE-2025-66420

CVSS v3.1

5.4

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Tryton sao (aka tryton-sao) versions prior to 7.6.9 Tryton sao (aka tryton-sao) version 7.4.19 Tryton sao (aka tryton-sao) version 7.0.38 Tryton sao (aka tryton-sao) version 6.0.67

Description The software contains a cross-site scripting (XSS) issue that can be triggered through a malicious HTML attachment. The issue allows for the injection of potentially harmful scripts into a user's browser.

Recommendations Update Tryton sao to version 7.6.9 or later. Update Tryton sao to version 7.4.19. Update Tryton sao to version 7.0.38. Update Tryton sao to version 6.0.67.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2025-66420

Affected Products

Tryton Sao

CVE-2025-66420

Weakness Enumeration

Related Identifiers

Affected Products

References · 4