Firefly III Cross-Site Scripting Vulnerability (CNVD-2019-30450)
Firefly III is a free, open source, self-hosted personal finance manager. A stored cross-site scripting vulnerability exists in Firefly III 4.7.17.3. The vulnerability stems from a lack of filtering of user-supplied data in the transaction description field. An attacker can exploit this...