Update CVE-2021-3728.json

2025-05-08 11:37:04 +00:00 · 2021-08-23 11:01:34 +01:00 · 2021-08-23 11:01:34 +01:00 · 4ae4620edc
commit 4ae4620edc
parent bbb009dc13
1 changed files with 86 additions and 15 deletions
--- a/2021/3xxx/CVE-2021-3728.json
+++ b/2021/3xxx/CVE-2021-3728.json
@ -1,18 +1,89 @@
 {
-    "data_type": "CVE",
+   "CVE_data_meta":{
-    "data_format": "MITRE",
+      "ASSIGNER":"security@huntr.dev",
-    "data_version": "4.0",
+      "ID":"CVE-2021-3728",
-    "CVE_data_meta": {
+      "STATE":"PUBLIC",
-        "ID": "CVE-2021-3728",
+      "TITLE":"Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii"
-        "ASSIGNER": "cve@mitre.org",
+   },
-        "STATE": "RESERVED"
+   "affects":{
-    },
+      "vendor":{
-    "description": {
+         "vendor_data":[
        "description_data": [
            {
-                "lang": "eng",
+               "product":{
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                  "product_data":[
                     {
                        "product_name":"firefly-iii/firefly-iii",
                        "version":{
                           "version_data":[
                              {
                                 "version_affected":"<=",
                                 "version_value":"5.5.13"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name":"firefly-iii"
            }
-        ]
+         ]
-    }
+      }
-}
+   },
   "data_format":"MITRE",
   "data_type":"CVE",
   "data_version":"4.0",
   "description":{
      "description_data":[
         {
            "lang":"eng",
            "value":"firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)"
         }
      ]
   },
   "impact":{
      "cvss":{
         "attackComplexity":"LOW",
         "attackVector":"NETWORK",
         "availabilityImpact":"HIGH",
         "baseScore":6.5,
         "baseSeverity":"MEDIUM",
         "confidentialityImpact":"NONE",
         "integrityImpact":"NONE",
         "privilegesRequired":"NONE",
         "scope":"UNCHANGED",
         "userInteraction":"REQUIRED",
         "vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
         "version":"3.0"
      }
   },
   "problemtype":{
      "problemtype_data":[
         {
            "description":[
               {
                  "lang":"eng",
                  "value":"CWE-352 Cross-Site Request Forgery (CSRF)"
               }
            ]
         }
      ]
   },
   "references":{
      "reference_data":[
         {
            "name":"https://huntr.dev/bounties/dd54c5a1-0d4a-4f02-a111-7ce4ddc67a4d",
            "refsource":"CONFIRM",
            "url":"https://huntr.dev/bounties/dd54c5a1-0d4a-4f02-a111-7ce4ddc67a4d"
         },
         {
            "name":"https://github.com/firefly-iii/firefly-iii/commit/14cdce113e0eb8090d09066fcd2b5cf03b5ac84e",
            "refsource":"MISC",
            "url":"https://github.com/firefly-iii/firefly-iii/commit/14cdce113e0eb8090d09066fcd2b5cf03b5ac84e"
         }
      ]
   },
   "source":{
      "advisory":"dd54c5a1-0d4a-4f02-a111-7ce4ddc67a4d",
      "discovery":"EXTERNAL"
   }
 }