Firefly III vulnerable to stored XSS

2022-05-2416:50:37

Google

osv.dev

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

21.6%

JSON

Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file names. The JavaScript code is executed during attachments/edit/$file_id$ attachment editing.

CPENameOperatorVersion
grumpydictator/firefly-iiieq4.7.5.2
grumpydictator/firefly-iiieq4.3.1
grumpydictator/firefly-iiieq4.2.2
grumpydictator/firefly-iiieq3.4.5
grumpydictator/firefly-iiieq3.3.4
grumpydictator/firefly-iiieq4.6.7
grumpydictator/firefly-iiieq4.7.5.1
grumpydictator/firefly-iiieq4.6.6
grumpydictator/firefly-iiieq4.3.5
grumpydictator/firefly-iiieq3.7.2.1

Name	Operator	Version
grumpydictator/firefly-iii	eq	4.7.5.2
grumpydictator/firefly-iii	eq	4.3.1
grumpydictator/firefly-iii	eq	4.2.2
grumpydictator/firefly-iii	eq	3.4.5
grumpydictator/firefly-iii	eq	3.3.4
grumpydictator/firefly-iii	eq	4.6.7
grumpydictator/firefly-iii	eq	4.7.5.1
grumpydictator/firefly-iii	eq	4.6.6
grumpydictator/firefly-iii	eq	4.3.5
grumpydictator/firefly-iii	eq	3.7.2.1