New budget type can be defined by user this input is not correctly filtered,to exploit this endpoint attacker need to be authenticated.
fixed in 9.5.4
Impact
New budget type can be defined by user this input is not correctly filtered,to exploit this endpoint attacker need to be authenticated.
Patches
fixed in 9.5.4