Vulnerabilities > Firefly III
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-19 | CVE-2021-3851 | Open Redirect vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to URL Redirection to Untrusted Site | 5.4 |
| 2021-09-27 | CVE-2021-3819 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 8.8 |
| 2021-08-23 | CVE-2021-3728 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 6.5 |
| 2021-08-23 | CVE-2021-3729 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
| 2021-08-23 | CVE-2021-3730 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 6.5 |
| 2021-07-25 | CVE-2021-3663 | Improper Restriction of Excessive Authentication Attempts vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Improper Restriction of Excessive Authentication Attempts | 7.5 |
| 2019-08-05 | CVE-2019-14672 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.5 Firefly III 4.7.17.5 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the liability name field. | 5.4 |
| 2019-08-05 | CVE-2019-14671 | Improper Input Validation vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to local file enumeration. | 3.3 |
| 2019-08-05 | CVE-2019-14670 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the bill name field. | 5.4 |
| 2019-08-05 | CVE-2019-14669 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the asset account name. | 5.4 |