CVE-2021-3728

描述

firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)

受影響套件(1)

• Packagist/grumpydictator/firefly-iiifrom 0, < 5.6.0

CVSS 分數

參考連結(4)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-3728
• WEBhttps://github.com/firefly-iii/firefly-iii
• WEBhttps://github.com/firefly-iii/firefly-iii/commit/14cdce113e0eb8090d09066fcd2b5cf03b5ac84e
• WEBhttps://huntr.dev/bounties/dd54c5a1-0d4a-4f02-a111-7ce4ddc67a4d