model/modelstorage.py in trytond 3.2.x before 3.2.10, 3.4.x before 3.4.8, 3.6.x before 3.6.5, and 3.8.x before 3.8.1 allows remote authenticated users to bypass intended access restrictions and write to arbitrary fields via a sequence of records.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: debian

Published: 2016-04-13T15:00:00

Updated: 2024-08-06T04:26:10.389Z

Reserved: 2015-01-07T00:00:00

Link: CVE-2015-0861

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2016-04-13T15:59:00.133

Modified: 2024-11-21T02:23:52.400

Link: CVE-2015-0861

cve-icon Redhat

No data.