How severe is CVE-2024-58293?

The severity of CVE-2024-58293 has not been assessed with CVSS v3.

CVE-2024-58293

NONE

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject tem

Publicado: 12/11/2025Actualizado: 12/12/2025

Descripción

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic operations and string manipulations.

Análisis IAImpulsado por IA

Referencias

https://akaunting.com/forum
https://www.exploit-db.com/exploits/52030
https://www.softaculous.com/apps/erp/Akaunting
https://www.vulncheck.com/advisories/akaunting-server-side-template-injection-via-multiple-form-fields