Lucene search
Veracode Vulnerability DatabaseVERACODE:20851HistoryJul 18, 2019 - 6:37 a.m.
Cross-site Scripting (XSS)
2019-07-1806:37:58
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
21.6%
grumpydictator/firefly-iii is vulnerable to cross-site scripting (XSS) attacks. The attack is due to lack of sanitization of query string provided by the user in the search query, allowing an attacker to inject a malicious script.
| CPE | Name | Operator | Version |
|---|---|---|---|
| grumpydictator/firefly-iii | le | 4.17.2 |
Related
prion
prion
Design/Logic Flaw
2019-07-18 03:15:00
osv
osv
Firefly III vulnerable to reflected cross-site scripting
2022-05-24 16:50:37
cve
cve
CVE-2019-13646
2019-07-18 03:15:10
cvelist
cvelist
CVE-2019-13646
2019-07-18 02:17:40
nvd
nvd
CVE-2019-13646
2019-07-18 03:15:10
github
github
Firefly III vulnerable to reflected cross-site scripting
2022-05-24 16:50:37