Akaunting

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-55522 MEDIUM POC This Week

Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Akaunting
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-55521 MEDIUM POC This Week

An issue in the component /settings/localisation of Akaunting v3.1.18 allows authenticated attackers to cause a Denial of Service (DoS) via a crafted POST request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Akaunting
NVD GitHub
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-55522
EPSS 0% CVSS 6.5
MEDIUM POC This Week

Cross-site scripting (XSS) vulnerability in the component /common/reports of Akaunting v3.1.18 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Akaunting
NVD GitHub
CVE-2025-55521
EPSS 0% CVSS 6.5
MEDIUM POC This Week

An issue in the component /settings/localisation of Akaunting v3.1.18 allows authenticated attackers to cause a Denial of Service (DoS) via a crafted POST request. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Denial Of Service Akaunting
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy