Firefly Iii

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2024-22075 PHP MEDIUM PATCH This Month

Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Firefly Iii

NVD GitHub

CVSS 3.1

6.1

EPSS

0.1%

CVE-2024-22075 PHP

EPSS 0% CVSS 6.1

MEDIUM PATCH This Month

Firefly III (aka firefly-iii) before 6.1.1 allows webhooks HTML Injection. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Firefly Iii

NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy