Denial-of-Service Vulnerability in Akaunting Version 2.1.12 and Earlier

Denial-of-Service Vulnerability in Akaunting Version 2.1.12 and Earlier

CVE-2021-36802 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Akaunting version 2.1.12 and earlier suffers from a denial-of-service issue that is triggered by setting a malformed 'locale' variable and sending it in an otherwise normal HTTP POST request. This issue was fixed in version 2.1.13 of the product.

Learn more about our Web Application Penetration Testing UK.