RSS   Vulnerabilities for 'Akaunting'   RSS

2021-06-21
 
CVE-2020-22390

CWE-1236
 

 
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened.

 


Copyright 2021, cxsecurity.com

 

Back to Top