Vulnerabilities > Firefly III > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-05 | CVE-2024-22075 | Cross-site Scripting vulnerability in Firefly-Iii Firefly III Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection. | 6.1 |
2023-01-14 | CVE-2023-0298 | Incorrect Authorization vulnerability in Firefly-Iii Firefly III Incorrect Authorization in GitHub repository firefly-iii/firefly-iii prior to 5.8.0. | 6.5 |
2021-12-04 | CVE-2021-4005 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
2021-12-01 | CVE-2021-4015 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
2021-11-13 | CVE-2021-3921 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
2021-10-27 | CVE-2021-3901 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 6.8 |
2021-10-27 | CVE-2021-3900 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 4.3 |
2021-10-19 | CVE-2021-3846 | Unrestricted Upload of File with Dangerous Type vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type | 6.5 |
2021-10-19 | CVE-2021-3851 | Open Redirect vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to URL Redirection to Untrusted Site | 4.9 |
2021-09-27 | CVE-2021-3819 | Cross-Site Request Forgery (CSRF) vulnerability in Firefly-Iii Firefly III firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) | 6.8 |