0-day Archives - Twelvesec

LedgerSMB – CVE-2024-23831: Privilege escalation through CSRF attack on “setup.pl”

by George Roumeliotis | Feb 2, 2024 | 0 comments

During an assessment, we discovered a vulnerability in the LedgerSMB application, a widely-used open-source accounting software tailored for small and mid-size businesses. This vulnerability, identified in versions 1.3 to 1.9, 1.10.0 to 1.10.29, and 1.11.0 to 1.11.8,...

Share this post with your friends!

Facebook
Twitter
LinkedIn

LedgerSMB – CVE-2024-23831: Privilege escalation through CSRF attack on “setup.pl”

LATEST POSTS

TAGS

ΝΟΤΕ

Share This