CVE-2021-3693 - Ledgersmb Ledgersmb and Debian Debian Linux

Critical 9.6

LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.

Affected software

Ledgersmb Ledgersmb

Debian Debian Linux

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.