Unrated severityNVD Advisory· Published Jun 21, 2021· Updated Aug 4, 2024
CVE-2020-22390
CVE-2020-22390
Description
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened.
Affected products
2- Akaunting/Akauntingdescription
Patches
Vulnerability mechanics
References
1- cqinfo.la/csv-injection-in-akaunting/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.