Lucene search
MitreVULNRICHMENT:CVE-2019-13644HistoryJul 18, 2019 - 2:17 a.m.
CVE-2019-13644
2019-07-1802:17:24
mitre
github.com
1
AI Score
6
Confidence
High
EPSS
0.001
Percentile
21.4%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of filtration of user-supplied data in a budget name. The JavaScript code is contained in a transaction, and is executed on the tags/show/$tag_number$ tag summary page. NOTE: It is asserted that an attacker must have the same access rights as the user in order to be able to execute the vulnerability
Related
nvd
nvd
CVE-2019-13644
2019-07-18 03:15:10
osv
osv
Firefly III vulnerable to stored XSS
2022-05-24 16:50:36
veracode
veracode
Cross-site Scripting (XSS)
2019-07-18 05:59:47
cvelist
cvelist
CVE-2019-13644
2019-07-18 02:17:24
github
github
Firefly III vulnerable to stored XSS
2022-05-24 16:50:36
prion
prion
Design/Logic Flaw
2019-07-18 03:15:00
cve
cve
CVE-2019-13644
2019-07-18 03:15:10
AI Score
6
Confidence
High
EPSS
0.001
Percentile
21.4%
SSVC
Exploitation
poc
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2019-13644