Description
firefly-iii is vulnerable to Unrestricted Upload of File with Dangerous Type
References
https://github.com/firefly-iii/firefly-iii/commit/a85b6420c19ace35134f896e094e1971d8c7954b
PatchThird Party Advisory
https://huntr.dev/bounties/5267ec1c-d204-40d2-bd4f-6c2dd495ee18
ExploitPatchThird Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.8 · High
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-10-19T13:15:11.567
3 years agoLast modified
2021-10-22T00:00:25.460
3 years ago