PT-2023-16153 · Unknown · Firefly-Iii

Jc5

·

Publicado

2023-01-14

·

Atualizado

2026-03-07

·

CVE-2023-0298

CVSS v3.1

6.5

Média

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions firefly-iii versions prior to 5.8.0
Description The issue concerns an improper authorization in the firefly-iii repository on GitHub.
Recommendations For versions prior to 5.8.0, update to version 5.8.0 or later to resolve the issue.

Exploit

Correção

Improper Authorization

Incorrect Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-285CWE-863

Identificadores relacionados

CVE-2023-0298
GHSA-7MC4-JP4F-V2J2

Produtos afetados

Firefly-Iii