admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/3xxx/CVE-2021-3728.json
Jamie Slome 4ae4620edc
Update CVE-2021-3728.json
2021-08-23 11:01:34 +01:00

90 lines
2.5 KiB
JSON
Raw Blame History

{
"CVE_data_meta":{
"ASSIGNER":"security@huntr.dev",
"ID":"CVE-2021-3728",
"STATE":"PUBLIC",
"TITLE":"Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii"
},
"affects":{
"vendor":{
"vendor_data":[
{
"product":{
"product_data":[
{
"product_name":"firefly-iii/firefly-iii",
"version":{
"version_data":[
{
"version_affected":"<=",
"version_value":"5.5.13"
}
]
}
}
]
},
"vendor_name":"firefly-iii"
}
]
}
},
"data_format":"MITRE",
"data_type":"CVE",
"data_version":"4.0",
"description":{
"description_data":[
{
"lang":"eng",
"value":"firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF)"
}
]
},
"impact":{
"cvss":{
"attackComplexity":"LOW",
"attackVector":"NETWORK",
"availabilityImpact":"HIGH",
"baseScore":6.5,
"baseSeverity":"MEDIUM",
"confidentialityImpact":"NONE",
"integrityImpact":"NONE",
"privilegesRequired":"NONE",
"scope":"UNCHANGED",
"userInteraction":"REQUIRED",
"vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version":"3.0"
}
},
"problemtype":{
"problemtype_data":[
{
"description":[
{
"lang":"eng",
"value":"CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references":{
"reference_data":[
{
"name":"https://huntr.dev/bounties/dd54c5a1-0d4a-4f02-a111-7ce4ddc67a4d",
"refsource":"CONFIRM",
"url":"https://huntr.dev/bounties/dd54c5a1-0d4a-4f02-a111-7ce4ddc67a4d"
},
{
"name":"https://github.com/firefly-iii/firefly-iii/commit/14cdce113e0eb8090d09066fcd2b5cf03b5ac84e",
"refsource":"MISC",
"url":"https://github.com/firefly-iii/firefly-iii/commit/14cdce113e0eb8090d09066fcd2b5cf03b5ac84e"
}
]
},
"source":{
"advisory":"dd54c5a1-0d4a-4f02-a111-7ce4ddc67a4d",
"discovery":"EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink