Lucene search
China National Vulnerability DatabaseCNVD-2021-101203HistoryAug 25, 2021 - 12:00 a.m.
LedgerSMB Cross-Site Scripting Vulnerability (CNVD-2021-101203)
2021-08-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
0.022 Low
EPSS
Percentile
89.6%
LedgerSMB is a free web-based double-entry bookkeeping system with quoting, ordering, invoicing, projects, time cards, inventory management, shipping, etc. A cross-site scripting vulnerability exists in LedgerSMB, which stems from the application’s failure to check the origin of HTML fragments merged into the browser DOM, and could be exploited by an attacker by sending a specially crafted URL to an authenticated user exploit the vulnerability for remote code execution and information disclosure.
Related
osv
osv
CVE-2021-3693
2021-08-23 13:15:07
ledgersmb vulnerabilities
2021-09-30 20:14:07
ledgersmb - security update
2021-08-23 00:00:00
nvd
nvd
CVE-2021-3693
2021-08-23 13:15:07
ubuntucve
ubuntucve
CVE-2021-3693
2021-08-23 00:00:00
prion
prion
Information disclosure
2021-08-23 13:15:00
debiancve
debiancve
CVE-2021-3693
2021-08-23 13:15:07
cvelist
cvelist
CVE-2021-3693 Cross-site Scripting (XSS) - DOM in ledgersmb/ledgersmb
2021-08-23 12:41:57
cve
cve
CVE-2021-3693
2021-08-23 13:15:07
nessus
nessus
Debian DSA-4962-1 : ledgersmb - security update
2021-08-24 00:00:00
Ubuntu 20.04 LTS : LedgerSMB vulnerabilities (USN-5097-1)
2021-10-04 00:00:00
debian
debian
[SECURITY] [DSA 4962-1] ledgersmb security update
2021-08-23 19:23:23
ubuntu
ubuntu
LedgerSMB vulnerabilities
2021-09-30 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-4962-1)
2021-08-25 00:00:00
Ubuntu: Security Advisory (USN-5097-1)
2021-10-05 00:00:00