Security Advisory

CVE-2019-14671

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-08-05 19:23:08

Last updated 2024-08-05 00:19:41

Assigner mitre

State PUBLISHED

Description

Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attacker can enumerate local files due to the lack of protocol scheme sanitization, such as for file:/// URLs. This is related to fints_url to import/job/configuration, and import/create/fints.

← Browse all CVEs View on cve.org ↗