CVE-2023-0298: Incorrect Authorization

January 14, 2023 (updated March 2, 2023)

Improper Authorization in GitHub repository firefly-iii/firefly-iii prior to 5.8.0.

References

github.com/firefly-iii/firefly-iii/commit/db0500dcf0d4f1990fc7a377ef0d56c3884fcaa4
huntr.dev/bounties/9689052c-c1d7-4aae-aa08-346c9b6e04ed
nvd.nist.gov/vuln/detail/CVE-2023-0298

Detect and mitigate CVE-2023-0298 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →