CVE-2020-20908
CVE-2020-20908 affects Akaunting v1.3.17, with a stored XSS vulnerability in the Company Name input field. The root cause noted in CNVD-style sources is insufficient filtering/validation of user-supplied data, allowing an attacker to inject and execute JavaScript in the client context. Public ref...