Synopsis
A vulnerability in sao has been found by Cédric Krier.
With issue9089, the web client sets neither noreferrer nor noopener when opening external links.
An attacker could trick a Tryton user into opening a crafted URL, which would allow the attacker to take control of the web page on which sao is running. The attacker could then, for example, steal the session.
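As an added example (not sao's own code), the following shows the unsafe link form the advisory describes next to the hardened form, plus a small audit that flags anchors opening a new browsing context without rel="noopener"; the hostnames and the sample document are constructed.

```javascript
// Added example, not code from sao. Demonstrates why an external link opened
// in a new browsing context needs rel="noopener noreferrer", and how to audit
// generated markup for anchors that lack it.

// Minimal attribute/text escaping so a constructed href cannot break out of the
// attribute it is placed in.
function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ({
    '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
  })[c]);
}

// Unsafe form: target="_blank" with no rel. The opened page receives a non-null
// window.opener and can navigate the page that opened it (reverse tabnabbing).
function unsafeExternalLink(href, text) {
  return `<a href="${escapeHtml(href)}" target="_blank">${escapeHtml(text)}</a>`;
}

// Hardened form: noopener severs window.opener; noreferrer also suppresses the
// Referer header (and implies noopener in current browsers).
function safeExternalLink(href, text) {
  return `<a href="${escapeHtml(href)}" target="_blank" rel="noopener noreferrer">${escapeHtml(text)}</a>`;
}

// Audit: return the href of every <a> that uses target="_blank" without a rel
// token of noopener or noreferrer. A regex is sufficient for markup the client
// itself generates; it is not a general HTML parser.
function findTabnabbableLinks(html) {
  const anchorRe = /<a\b([^>]*)>/gi;
  const findings = [];
  let m;
  while ((m = anchorRe.exec(html)) !== null) {
    const attrs = m[1];
    if (!/\btarget\s*=\s*["']?_blank["']?/i.test(attrs)) continue;
    const rel = /\brel\s*=\s*["']([^"']*)["']/i.exec(attrs);
    const tokens = rel ? rel[1].toLowerCase().split(/\s+/) : [];
    if (tokens.includes('noopener') || tokens.includes('noreferrer')) continue;
    const href = /\bhref\s*=\s*["']([^"']*)["']/i.exec(attrs);
    findings.push(href ? href[1] : '(no href)');
  }
  return findings;
}

// Constructed sample document mixing one unsafe and one hardened link.
const SAMPLE = unsafeExternalLink('https://external.example/page', 'docs')
  + safeExternalLink('https://other.example/', 'partner');
```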
Impact
- Attack Vector: Network
- Attack Complexity: High
- Privileges Required: None
- User Interaction: Required
- Scope: Unchanged
- Confidentiality: Low
- Integrity: Low
- Availability: None
Workaround
Users must not open non-trusted URLs from the web client.
Resolution
All affected users should upgrade sao to the latest version.
Affected versions per series:
- 5.4: <= 5.4.3
- 5.2: <= 5.2.11
- 5.0: <= 5.0.19
Non affected versions per series:
- 5.4: >= 5.4.4
- 5.2: >= 5.2.12
- 5.0: >= 5.0.20
Reference
Concern?
Any security concerns should be reported on the bug-tracker at
https://bugs.tryton.org/ with the type security.