← back
CVE-2020-22390

CVE-2020-22390

EPSS 1.6%
Akaunting <= 2.0.9 is vulnerable to CSV injection in the Item name field, export function. Attackers can inject arbitrary code into the name parameter and perform code execution when the crafted file is opened.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://cqinfo.la/csv-injection-in-akaunting/