Lucene search
K

5 matches found

NVD
NVD
added 2026/06/22 6:16 p.m.10 views

CVE-2026-11994

Akaunting 3.1.21 contains an authenticated stored Cross-Site Scripting vulnerability in the report management workflow. A user with permission to create or update reports can store arbitrary HTML/JavaScript in the description field of a report...

4.8CVSS0.00321EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/23 12:23 a.m.5 views

CVE-2025-55521

An issue in the component /settings/localisation of Akaunting v3.1.18 allows authenticated attackers to cause a Denial of Service DoS via a crafted POST request...

6.5CVSS6.8AI score0.00442EPSS
Exploits1References1
OSV
OSV
added 2021/10/25 3:15 p.m.6 views

CVE-2020-20908

Akaunting v1.3.17 was discovered to contain a stored cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Company Name input field...

5.4CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2021/08/04 11:15 p.m.23 views

CVE-2021-36805

Akaunting version 2.1.12 and earlier suffers from a persistent type II cross-site scripting XSS vulnerability in the sales invoice processing component of the application. This issue was fixed in version 2.1.13 of the product...

5.2CVSS0.00625EPSS
Exploits1References1
OSV
OSV
added 2021/08/04 11:15 p.m.19 views

CVE-2021-36803

Akaunting version 2.1.12 and earlier suffers from a persistent type II cross-site scripting XSS vulnerability in processing user-supplied avatar images. This issue was fixed in version 2.1.13 of the product...

5.4CVSS5.9AI score
Exploits0References1
Rows per page
Query Builder