Описание
Cross Site Request Forgery in firefly-iii
firefly-iii is vulnerable to a Cross-Site Request Forgery (CSRF) attack which can disable two factor authentication for the target user.
Пакеты
Наименование
grumpydictator/firefly-iii
composer
Затронутые версииВерсия исправления
< 5.6.5
5.6.5
Связанные уязвимости
CVSS3: 4.3
nvd
около 4 лет назад
firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)