CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2024-22075
https://notcve.org/view.php?id=CVE-2024-22075
05 Jan 2024 — Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection. Firefly III (aka firefly-iii) anterior a 6.1.1 permite la inyección HTML de webhooks. • https://github.com/firefly-iii/firefly-iii/releases/tag/v6.1.1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-1788 – Insufficient Session Expiration in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2023-1788
05 Apr 2023 — Insufficient Session Expiration in GitHub repository firefly-iii/firefly-iii prior to 6. • https://github.com/firefly-iii/firefly-iii/commit/68f398f97cbe1870fc098d8460bf903b9c3fab30 • CWE-613: Insufficient Session Expiration •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2023-1789 – Improper Input Validation in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2023-1789
01 Apr 2023 — Improper Input Validation in GitHub repository firefly-iii/firefly-iii prior to 6.0.0. • https://github.com/firefly-iii/firefly-iii/commit/6b05c0fbd3e8c40ae9b24dc2698821786fccf0c5 • CWE-20: Improper Input Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-0298 – Incorrect Authorization in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2023-0298
14 Jan 2023 — Incorrect Authorization in GitHub repository firefly-iii/firefly-iii prior to 5.8.0. • https://github.com/firefly-iii/firefly-iii/commit/db0500dcf0d4f1990fc7a377ef0d56c3884fcaa4 • CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-4005 – Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2021-4005
04 Dec 2021 — firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) firefly-iii es vulnerable a un ataque de tipo Cross-Site Request Forgery (CSRF) • https://github.com/firefly-iii/firefly-iii/commit/03a1601bf343181df9f405dd2109aec483cb7053 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2021-4015 – Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2021-4015
01 Dec 2021 — firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) firefly-iii es vulnerable a la falsificación de peticiones en sitios cruzados (CSRF) • https://github.com/firefly-iii/firefly-iii/commit/518b4ba5a7a56760902758ae0a2c6a392c2f4d37 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3921 – Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2021-3921
13 Nov 2021 — firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) firefly-iii es vulnerable a un ataque de tipo Cross-Site Request Forgery (CSRF) • https://github.com/firefly-iii/firefly-iii/commit/47fa9e39561a9ec9e210e4023d090a7b33381684 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3901 – Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2021-3901
27 Oct 2021 — firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) firefly-iii es vulnerable a un ataque de tipo Cross-Site Request Forgery (CSRF) • https://github.com/firefly-iii/firefly-iii/commit/b42d8d1e305cad70d9b83b33cd8e0d7a4b2060c2 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3900 – Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2021-3900
27 Oct 2021 — firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) firefly-iii es vulnerable a un ataque de tipo Cross-Site Request Forgery (CSRF) • https://github.com/firefly-iii/firefly-iii/commit/c2c8c42ef3194d1aeba8c48240fe2e9063f77635 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2021-3851 – Open Redirect in firefly-iii/firefly-iii
https://notcve.org/view.php?id=CVE-2021-3851
19 Oct 2021 — firefly-iii is vulnerable to URL Redirection to Untrusted Site firefly-iii es vulnerable a una Redirección de URLs a Sitios no Confiables • https://github.com/firefly-iii/firefly-iii/commit/8662dfa4c0f71efef61c31dc015c6f723db8318d • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •