Skip to main content

Uncaught Exception

CVE-2021-36802

Severity Medium
Score 6.5/10

Summary

Akaunting versions prior to 2.1.13 suffers from a Denial-Of-Service issue that is triggered by setting a malformed 'locale' variable and sending it in an otherwise normal HTTP POST request.

  • LOW
  • NETWORK
  • NONE
  • UNCHANGED
  • NONE
  • LOW
  • NONE
  • HIGH

CWE-248 - Uncaught Exception

An exception is thrown from a function, but it is not caught.

References

Advisory Timeline

  • Published