admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/3xxx/CVE-2021-3730.json
Jamie Slome 215f5a7faf
Update CVE-2021-3730.json
2021-08-23 11:06:13 +01:00

90 lines
2.5 KiB
JSON
Raw Blame History

{
"CVE_data_meta":{
"ASSIGNER":"security@huntr.dev",
"ID":"CVE-2021-3730",
"STATE":"PUBLIC",
"TITLE":"Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii"
},
"affects":{
"vendor":{
"vendor_data":[
{
"product":{
"product_data":[
{
"product_name":"firefly-iii/firefly-iii",
"version":{
"version_data":[
{
"version_affected":"<=",
"version_value":"5.5.13"
}
]
}
}
]
},
"vendor_name":"firefly-iii"
}
]
}
},
"data_format":"MITRE",
"data_type":"CVE",
"data_version":"4.0",
"description":{
"description_data":[
{
"lang":"eng",
"value":"firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)"
}
]
},
"impact":{
"cvss":{
"attackComplexity":"LOW",
"attackVector":"NETWORK",
"availabilityImpact":"HIGH",
"baseScore":6.5,
"baseSeverity":"MEDIUM",
"confidentialityImpact":"NONE",
"integrityImpact":"NONE",
"privilegesRequired":"NONE",
"scope":"UNCHANGED",
"userInteraction":"REQUIRED",
"vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version":"3.0"
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang":"eng",
"value":"CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references":{
"reference_data":[
{
"name":"https://huntr.dev/bounties/ea181323-51f8-46a2-a60f-6a401907feb7",
"refsource":"CONFIRM",
"url":"https://huntr.dev/bounties/ea181323-51f8-46a2-a60f-6a401907feb7"
},
{
"name":"https://github.com/firefly-iii/firefly-iii/commit/f80178b1b2b7864d17500a131d570c353c9a26f6",
"refsource":"MISC",
"url":"https://github.com/firefly-iii/firefly-iii/commit/f80178b1b2b7864d17500a131d570c353c9a26f6"
}
]
},
"source":{
"advisory":"ea181323-51f8-46a2-a60f-6a401907feb7",
"discovery":"EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink