How severe is CVE-2024-58293?

The severity of CVE-2024-58293 has not been assessed with CVSS v3.

CVE-2024-58293

NONE

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject tem

Опубликовано: 12/11/2025Обновлено: 12/12/2025

Описание

Akaunting 3.1.8 contains a server-side template injection vulnerability that allows authenticated administrators to execute template expressions in multiple form input fields. Attackers can inject template payloads in items, taxes, transactions, and vendor name fields to perform arithmetic operations and string manipulations.

ИИ-АнализНа базе ИИ

Ссылки

https://akaunting.com/forum
https://www.exploit-db.com/exploits/52030
https://www.softaculous.com/apps/erp/Akaunting
https://www.vulncheck.com/advisories/akaunting-server-side-template-injection-via-multiple-form-fields