CVE-2021-3694 - Debian Debian Linux and Ledgersmb Ledgersmb

Critical 9.6

LedgerSMB does not sufficiently HTML-encode error messages sent to the browser. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.

Affected software

Debian Debian Linux

Ledgersmb Ledgersmb

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.