BOOK THIS SPACE FOR AD
ARTICLE AD28. July 2021
This article has been indexed from Softpedia News / Security
Cybersecurity experts discovered nine security flaws in three open-source projects: Akaunting, EspoCRM, and Pimcore, according to The Hacker News. All of them are typically used by a wide range of small and medium-sized businesses.
All the security issues at stake that affect EspoCRm v6.1.6, the Pimcore Customer Data Framework v3.0.0, the Pimcore AdminBundle v6.8.0, and the Akaunting v2.1.12 were resolved within a responsible release day, according to cybersecurity researcher Trevor Christiansen of Rapid7, and Wiktor Sędkowski of Nokia. In the Akaunting project, six of the nine defects were found.
It is possible that an authenticated attacker could use these flaws to execute JavaScript code arbitrarily, control the underlying operating system and use it as a launch point for further malicious attacks, change the company linked with a user account without their …