CNNVD-202508-2595 Information

CNNVD ID

CNNVD-202508-2595

Related CVE

CVE-2025-55522

• CNNVD Published: 2025-08-21

Description (Chinese)

Akaunting是Akaunting公司的一个应用软件提供一个在线管理资金所需的所有工具。 Akaunting v3.1.18版本存在安全漏洞，该漏洞源于/common/reports组件中的跨站脚本漏洞，可能导致执行任意Web脚本或HTML。

Description (English)

Akaunting is an Akaunting application that provides all the tools needed to manage funds online. There is a security loophole in version Akaunting v3.1.18, which originates from a cross-site script gap in the /common/reports component, which may lead to the execution of any Web script or HTML.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Akaunting

Published

2025-08-21

Last Modified

2026-02-24

References

https://github.com/vityuasd/VulList/blob/main/vul_1.md https://github.com/akaunting/akaunting/tree/3.1.18 https://nvd.nist.gov/vuln/detail/CVE-2025-55522

Patch

https://github.com/akaunting/akaunting/releases