CVE List

CVE-2021-3693

Severe 9.6

LedgerSMB does not check the origin of HTML fragments merged into the browser's DOM. By sending a specially crafted URL to an authenticated user, this flaw can be abused for remote code execution and information disclosure.

Published August 23, 2021.

Affected software

Get alerts for Ledgersmb Ledgersmb

Reference links