Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-20908 | 1 Akaunting | 1 Akaunting | 2021-10-28 | 3.5 LOW | 5.4 MEDIUM |
| Akaunting v1.3.17 was discovered to contain a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name input field. | |||||
| CVE-2021-36802 | 1 Akaunting | 1 Akaunting | 2021-08-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Akaunting version 2.1.12 and earlier suffers from a denial-of-service issue that is triggered by setting a malformed 'locale' variable and sending it in an otherwise normal HTTP POST request. This issue was fixed in version 2.1.13 of the product. | |||||
| CVE-2021-36803 | 1 Akaunting | 1 Akaunting | 2021-08-11 | 3.5 LOW | 5.4 MEDIUM |
| Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in processing user-supplied avatar images. This issue was fixed in version 2.1.13 of the product. | |||||
| CVE-2021-36805 | 1 Akaunting | 1 Akaunting | 2021-08-11 | 3.5 LOW | 4.8 MEDIUM |
| Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in the sales invoice processing component of the application. This issue was fixed in version 2.1.13 of the product. | |||||