grumpydictator/firefly-iii vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
GHSA-6JQ6-X4CX-QVCMMediumgrumpydictator/firefly-iii: Firefly II has Stored XSS in Audit Log Entry view via piggy bank name (ale.twig)GHSA-5Q8V-J673-M5V4Mediumgrumpydictator/firefly-iii: Firefly III user API endpoints expose all users' information to any authenticated user (IDOR)CVE-2024-37893Mediumgrumpydictator/firefly-iii: Firefly III has a MFA bypass in oauth flowGHSA-29W6-C52G-M8JCMediumgrumpydictator/firefly-iii: C5 Firefly III CSV Injection.CVE-2024-22075Mediumgrumpydictator/firefly-iii: Firefly III allows webhooks HTML Injection.CVE-2023-1788Mediumgrumpydictator/firefly-iii: Firefly III insufficiently expires sessionsCVE-2023-1789Mediumgrumpydictator/firefly-iii: Firefly III vulnerable to improper input validationCVE-2023-0298Mediumgrumpydictator/firefly-iii: Improper Authorization in grumpydictator/firefly-iiiCVE-2021-3846Highgrumpydictator/firefly-iii: Unrestricted File Upload vulnerability in Firefly IIICVE-2019-13647Mediumgrumpydictator/firefly-iii: Firefly III vulnerable to image-based stored XSSCVE-2019-13645Mediumgrumpydictator/firefly-iii: Firefly III vulnerable to stored XSSCVE-2019-13646Mediumgrumpydictator/firefly-iii: Firefly III vulnerable to reflected cross-site scriptingCVE-2019-13644Mediumgrumpydictator/firefly-iii: Firefly III vulnerable to stored XSSCVE-2021-4005Mediumgrumpydictator/firefly-iii: Cross Site Request Forgery in firefly-iii CVE-2021-4015Mediumgrumpydictator/firefly-iii: firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)CVE-2021-3921Mediumgrumpydictator/firefly-iii: firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)CVE-2021-3900Mediumgrumpydictator/firefly-iii: Cross-Site Request Forgery in firefly-iiiCVE-2021-3901Lowgrumpydictator/firefly-iii: Cross-Site Request Forgery in firefly-iiiCVE-2021-3851Mediumgrumpydictator/firefly-iii: Open Redirect in firefly-iiiCVE-2021-3819Mediumgrumpydictator/firefly-iii: Cross-Site Request Forgery in firefly-iiiCVE-2019-14671Lowgrumpydictator/firefly-iii: Improper Input Validation in Firefly IIICVE-2021-3728Mediumgrumpydictator/firefly-iii: firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)CVE-2021-3730Mediumgrumpydictator/firefly-iii: firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)CVE-2021-3729Mediumgrumpydictator/firefly-iii: firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)CVE-2021-3663Mediumgrumpydictator/firefly-iii: No Restriction of Excessive Authentication Attempts in Firefly III

Stop the waste.
Protect your environment with Kodem.