Lucene search

K

MitreCVELIST:CVE-2019-14668

HistoryAug 05, 2019 - 7:23 p.m.

CVE-2019-14668

2019-08-0519:23:34

mitre

www.cve.org

0.001 Low

EPSS

Percentile

21.4%

Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of filtration of user-supplied data in the transaction description field. The JavaScript code is executed during deletion of a transaction link.

References

github.com/firefly-iii/firefly-iii/commit/3ad4e04e2ae50e60564b60b68dfac083e5684882

github.com/firefly-iii/firefly-iii/issues/2364

0.001 Low

EPSS

Percentile

21.4%

Related for CVELIST:CVE-2019-14668

prion1 veracode1 cve1 osv1 nvd1