Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
firefly iii vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2019-13646
Firefly III prior to 4.7.17.3 is vulnerable to reflected XSS due to lack of filtration of user-supplied data in a search query. NOTE: It is asserted that an attacker must have the same access rights as the user in order to be able to execute the vulnerability
Firefly-iii Firefly Iii
5.4
CVSSv3
CVE-2019-13647
Firefly III prior to 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file content. The JavaScript code is executed during attachments/view/$file_id$ attachment viewing. NOTE: It is asserted that an attacker must have the same access r...
Firefly-iii Firefly Iii
4.3
CVSSv3
CVE-2021-3921
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
Firefly-iii Firefly Iii
7.5
CVSSv3
CVE-2021-3663
firefly-iii is vulnerable to Improper Restriction of Excessive Authentication Attempts
Firefly-iii Firefly Iii
5.4
CVSSv3
CVE-2019-13644
Firefly III prior to 4.7.17.1 is vulnerable to stored XSS due to lack of filtration of user-supplied data in a budget name. The JavaScript code is contained in a transaction, and is executed on the tags/show/$tag_number$ tag summary page. NOTE: It is asserted that an attacker mus...
Firefly-iii Firefly Iii
6.5
CVSSv3
CVE-2023-0298
Incorrect Authorization in GitHub repository firefly-iii/firefly-iii before 5.8.0.
Firefly-iii Firefly Iii
6.5
CVSSv3
CVE-2021-3900
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
Firefly-iii Firefly Iii
5.4
CVSSv3
CVE-2021-3851
firefly-iii is vulnerable to URL Redirection to Untrusted Site
Firefly-iii Firefly Iii
6.5
CVSSv3
CVE-2021-3730
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
Firefly-iii Firefly Iii -
6.1
CVSSv3
CVE-2024-22075
Firefly III (aka firefly-iii) prior to 6.1.1 allows webhooks HTML Injection.
Firefly-iii Firefly Iii
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »