CVE-2021-36802

MEDIUM

Akaunting <2.1.12 - DoS

Title source: llm

Description

Akaunting version 2.1.12 and earlier suffers from a denial-of-service issue that is triggered by setting a malformed 'locale' variable and sending it in an otherwise normal HTTP POST request. This issue was fixed in version 2.1.13 of the product.

References (1)

Scores

CVSS v3 6.5
EPSS 0.0011
EPSS Percentile 28.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-248
Status published

Affected Products (1)

akaunting/akaunting < 2.1.12

Timeline

Published Aug 04, 2021
Tracked Since Feb 18, 2026