cve/CVE-2021-36803.md at 8f32eec229df5ac6033987f6cf2822bfcb07c2e0

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-30 04:49:42 +00:00

marc 555e9c7de4 Update Sat May 25 21:48:12 CEST 2024

2024-05-25 21:48:12 +02:00

Description

Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in processing user-supplied avatar images. This issue was fixed in version 2.1.13 of the product.

POC

Reference

https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/

Github

No PoCs found on GitHub currently.

792 B Raw Blame History

CVE-2021-36803

Description

POC

Reference

Github

792 B

Raw Blame History