Package: frontaccounting Version: 2.2.10-3.1 Severity: important Tags: security, fixed-upstream
Multiple SQL injection vulnerabilities in FrontAccounting has been fixed in 2.3.21 version. http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3973 http://sourceforge.net/p/frontaccounting/mercurial/ci/7ab9e443a8eb9d1b03cbed33006b7665bda9383e http://frontaccounting.com/wb3/pages/posts/release-2.3.21201.php Please use CVE in changelog. I'm happy to help in case you need PoC / reproduce or some other help. --- Henri Salo
signature.asc
Description: Digital signature
