firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)
References
Link | Resource |
---|---|
https://github.com/firefly-iii/firefly-iii/commit/f80178b1b2b7864d17500a131d570c353c9a26f6 | Patch Third Party Advisory |
https://huntr.dev/bounties/ea181323-51f8-46a2-a60f-6a401907feb7 | Third Party Advisory |
https://github.com/firefly-iii/firefly-iii/commit/f80178b1b2b7864d17500a131d570c353c9a26f6 | Patch Third Party Advisory |
https://huntr.dev/bounties/ea181323-51f8-46a2-a60f-6a401907feb7 | Third Party Advisory |
Configurations
History
21 Nov 2024, 06:22
Type | Values Removed | Values Added |
---|---|---|
References | () https://github.com/firefly-iii/firefly-iii/commit/f80178b1b2b7864d17500a131d570c353c9a26f6 - Patch, Third Party Advisory | |
References | () https://huntr.dev/bounties/ea181323-51f8-46a2-a60f-6a401907feb7 - Third Party Advisory |
Information
Published : 2021-08-23 13:15
Updated : 2024-11-21 06:22
NVD link : CVE-2021-3730
Mitre link : CVE-2021-3730
CVE.ORG link : CVE-2021-3730
JSON object : View
Products Affected
firefly-iii
- firefly_iii
CWE
CWE-352
Cross-Site Request Forgery (CSRF)