LedgerSMB does not sufficiently guard against being wrapped by other sites, making it vulnerable to 'clickjacking'. This allows an attacker to trick a targetted user to execute unintended actions.
Published August 23, 2021.
Debian Debian Linux
Ledgersmb Ledgersmb
