3 matches found
PT-2024-27815
Name of the Vulnerable Software and Affected Versions Firefly III versions prior to 6.1.17 Description A bypass of the multi-factor authentication MFA check in the Firefly III OAuth flow may allow malicious users to access Firefly III data using passwords stolen from other sources. This can be...
firefly-iii 跨站请求伪造漏洞
firefly-iii is a free open source personal finance manager. A cross-site request forgery vulnerability exists in firefly-ii, which can be exploited by attackers to launch cross-site request forgery CSRF attacks...
CVE-2021-3900
firefly-iii is vulnerable to Cross-Site Request Forgery CSRF...