A vulnerability, which was classified as critical, was found in mglowinski93 FinanseWebApplication. This affects an unknown part of the file balance.php. The manipulation of the argument startDate/endDate leads to sql injection.
Access to the local network is required for this attack to succeed. There is no exploit available.
This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. It is recommended to apply a patch to fix this issue.