2 matches found
CVE-2019-13646
Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack of filtration of user-supplied data in a search query. NOTE: It is asserted that an attacker must have the same access rights as the user in order to be able to execute the vulnerability...
CVE-2019-13646
CVE-2019-13646 affects Firefly III prior to 4.7.17.3 with a reflected XSS vulnerability in the search query due to lack of filtration of user-supplied data. Affected product: Firefly III (open-source personal finance manager); root cause: insufficient input filtering in search; impact: potential ...