Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
Firefly-iiiFirefly Iii*

2 matches found

CVE
CVEadded 2024/01/05 3:15 a.m.198 views

CVE-2024-22075

Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection.

6.1CVSS6.2AI score0.00115EPSS
CVE
CVEadded 2024/06/17 8:15 p.m.80 views

CVE-2024-37893

Firefly III is a free and open source personal finance manager. In affected versions an MFA bypass in the Firefly III OAuth flow may allow malicious users to bypass the MFA-check. This allows malicious users to use password spraying to gain access to Firefly III data using passwords stolen from oth...

5.9CVSS5.9AI score0.00021EPSS