Vulnerabilities > Firefly III > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-05 | CVE-2019-14668 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the transaction description field. | 3.5 |
| 2019-08-05 | CVE-2019-14669 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the asset account name. | 3.5 |
| 2019-08-05 | CVE-2019-14670 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the bill name field. | 3.5 |
| 2019-08-05 | CVE-2019-14671 | Information Exposure vulnerability in Firefly-Iii Firefly III 4.7.17.3 Firefly III 4.7.17.3 is vulnerable to local file enumeration. | 2.1 |
| 2019-08-05 | CVE-2019-14672 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III 4.7.17.5 Firefly III 4.7.17.5 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the liability name field. | 3.5 |