Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack of filtration of user-supplied data in a search query. NOTE: It is asserted that an attacker must have the same access rights as the user in order to be able to execute the vulnerability
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-07-18T02:17:40
Updated: 2024-08-04T23:57:39.464Z
Reserved: 2019-07-17T00:00:00
Link: CVE-2019-13646
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-07-18T03:15:10.747
Modified: 2024-08-05T00:15:49.143
Link: CVE-2019-13646
Redhat
No data.