VIR Vulnerability Intelligence Relay

Package impact

php Packagist / grumpydictator/firefly-iii

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2024-37893 unknown 2y ago Firefly III has a MFA bypass in oauth flow
CVE-2024-22075 unknown 3y ago Firefly III allows webhooks HTML Injection.
CVE-2023-1788 unknown 3y ago Firefly III insufficiently expires sessions
CVE-2023-1789 unknown 3y ago Firefly III vulnerable to improper input validation
CVE-2023-0298 unknown 3y ago Improper Authorization in grumpydictator/firefly-iii
CVE-2021-3846 unknown 4y ago Unrestricted File Upload vulnerability in Firefly III
CVE-2019-13647 unknown 4y ago Firefly III vulnerable to image-based stored XSS
CVE-2019-13646 unknown 4y ago Firefly III vulnerable to reflected cross-site scripting
CVE-2019-13645 unknown 4y ago Firefly III vulnerable to stored XSS
CVE-2019-13644 unknown 4y ago Firefly III vulnerable to stored XSS
CVE-2021-4005 unknown 5y ago Cross Site Request Forgery in firefly-iii
CVE-2021-4015 unknown 5y ago firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3921 unknown 5y ago firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3900 unknown 5y ago Cross-Site Request Forgery in firefly-iii
CVE-2021-3901 unknown 5y ago Cross-Site Request Forgery in firefly-iii
CVE-2021-3851 unknown 5y ago Open Redirect in firefly-iii
CVE-2021-3819 unknown 5y ago Cross-Site Request Forgery in firefly-iii
CVE-2019-14671 unknown 5y ago Improper Input Validation in Firefly III
CVE-2021-3728 unknown 5y ago firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3730 unknown 5y ago firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3729 unknown 5y ago firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
CVE-2021-3663 unknown 5y ago No Restriction of Excessive Authentication Attempts in Firefly III