Firefly Iii Security Vulnerabilities and Issues — Firefly Iii CVE List | Vulners.com

Lucene search

K

Firefly-iiiFirefly Iii

6 matches found

CVE•added 2024/01/05 3:15 a.m.•198 views

CVE-2024-22075

Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection.

6.1CVSS6.2AI score0.00115EPSS

CVE•added 2021/08/23 1:15 p.m.•62 views

CVE-2021-3728

firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)

6.5CVSS6.5AI score0.00111EPSS

CVE•added 2021/08/23 1:15 p.m.•61 views

CVE-2021-3730

firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)

6.5CVSS6.5AI score0.00111EPSS

CVE•added 2023/01/14 8:15 a.m.•54 views

CVE-2023-0298

Incorrect Authorization in GitHub repository firefly-iii/firefly-iii prior to 5.8.0.

6.5CVSS6.4AI score0.00049EPSS

CVE•added 2019/08/05 8:15 p.m.•53 views

CVE-2019-14667

Firefly III 4.7.17.4 is vulnerable to multiple stored XSS issues due to the lack of filtration of user-supplied data in the transaction description field and the asset account name. The JavaScript code is executed during a convert transaction action.

6.1CVSS6AI score0.00307EPSS

CVE•added 2021/10/27 6:15 p.m.•53 views

CVE-2021-3900

firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)

6.5CVSS5.4AI score0.00143EPSS