Security Release for issue #12428SynopsisEdbo and Cédric Krier have found that record rules are not enforced by trytond when only reading fields without an SQL type (like Function fields). Impact
WorkaroundThere is no known workaround. ResolutionAll affected users should upgrade Affected versions per series:
Non affected versions per series:
ReferenceConcerns?Any security concerns should be reported on the bug-tracker at https://bugs.tryton.org/ with the confidential checkbox checked. 1 post - 1 participant |
[tryton-announces] Security Release for issue #12428
News - Tryton Discussion: ced Mon, 31 Jul 2023 09:10:19 -0700