Vulnerabilities > Firefly III > Firefly III
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-18 | CVE-2019-13647 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file content. | 5.4 |
2019-07-18 | CVE-2019-13646 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack of filtration of user-supplied data in a search query. | 5.4 |
2019-07-18 | CVE-2019-13645 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of filtration of user-supplied data in image file names. | 5.4 |
2019-07-18 | CVE-2019-13644 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of filtration of user-supplied data in a budget name. | 5.4 |