Firefly III Cross-Site Scripting Vulnerability
Firefly III is a free, open source, self-hosted personal finance manager. A stored cross-site scripting vulnerability exists in Firefly III 4.7.17.5. The vulnerability stems from a lack of filtering of user-supplied data in the liabilityname field. An attacker can exploit the vulnerability to...