Red Hat Bugzilla – Bug 1293282
CVE-2015-0861 trytond: Missing checks of access permissions when writing to record fields
Last modified: 2015-12-21 05:28:44 EST
It was found that authenticated malicious user can write arbitrary values in record fields due missed checks of access permissions when multiple records are written.
Created trytond tracking bugs for this issue:
Affects: fedora-all [bug 1293283]
Affects: epel-all [bug 1293284]