Firefly III Cross-Site Scripting Vulnerability (CNVD-2019-30451)
Firefly III is a free, open source, self-hosted personal finance manager. A stored cross-site scripting vulnerability exists in Firefly III 4.7.17.3. The vulnerability stems from a lack of filtering of data provided by the user in the billname field. An attacker can exploit the vulnerability to...