SQL-Ledger/LedgerSMB Insecure User Access Restriction Vulnerability

SQL-Ledger/LedgerSMB Insecure User Access Restriction Vulnerability

SQL-Ledger/LedgerSMB is prone to an access-restriction vulnerability because it fails to adequately implement ACLs (Acess Control Lists) for SQL database access.

Exploiting this issue can allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database implementation.

All versions of SQL-Ledger and LedgerSMB are prone to this issue.

NOTE: This issue is documented in LedgerSMB documentation.