{"id":"CVE-2023-1788","summary":"Insufficient Session Expiration in firefly-iii/firefly-iii","details":"Insufficient Session Expiration in GitHub repository firefly-iii/firefly-iii prior to 6.","aliases":["GHSA-h7vv-46p5-prmh"],"modified":"2026-04-10T04:11:04.941057Z","published":"2023-04-05T00:00:00Z","database_specific":{"cna_assigner":"@huntrdev","unresolved_ranges":[{"source":"AFFECTED_FIELD","extracted_events":[{"fixed":"6"}]}],"cwe_ids":["CWE-613"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1788.json"},"references":[{"type":"WEB","url":"https://huntr.dev/bounties/79323c9e-e0e5-48ef-bd19-d0b09587ccb2"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/1xxx/CVE-2023-1788.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-1788"},{"type":"FIX","url":"https://github.com/firefly-iii/firefly-iii/commit/68f398f97cbe1870fc098d8460bf903b9c3fab30"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/firefly-iii/firefly-iii","events":[{"introduced":"0"},{"fixed":"1a3720bfaaadfa29f90cdad77ae1a91ed676cb65"},{"fixed":"68f398f97cbe1870fc098d8460bf903b9c3fab30"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"6.0.0"}]}}],"versions":["3.0.0","3.0.1","3.0.2","3.1","3.1.1","3.1.3","3.1.4","3.1.5","3.10","3.10.1","3.10.2","3.10.3","3.10.4","3.2.5","3.3","3.3.1","3.3.2","3.3.3","3.3.4","3.3.5","3.4.10","3.4.11","3.4.6.1","3.4.7","3.4.8","3.4.9","3.5.0","3.5.1","3.5.2","3.5.3","3.5.4","3.5.5","3.5.6","3.5.6.1","3.6.0","3.6.1","3.7.0","3.7.1","3.7.2","3.7.2.1","3.7.2.2","3.7.2.3","3.8.0","3.8.1","3.8.2","3.8.3","3.8.4","3.9.0","3.9.1","4.0.0","4.0.1","4.0.2","4.1.0","4.1.1","4.1.2","4.1.3","4.1.4","4.1.5","4.1.6","4.1.7","4.2.0","4.2.1","4.2.2","4.3.0","4.3.1","4.3.2","4.3.3","4.3.4","4.3.5","4.3.6","4.3.7","4.3.8","4.4.0","4.4.1","4.4.2","4.4.3","4.5.0","4.6.0","4.6.1","4.6.10","4.6.11","4.6.11.1","4.6.12","4.6.13","4.6.2","4.6.3","4.6.3.1","4.6.4","4.6.5","4.6.6","4.6.7","4.6.8","4.6.9","4.7.0","4.7.1","4.7.1.1","4.7.1.2","4.7.1.3","4.7.1.4","4.7.10","4.7.11","4.7.12","4.7.12.1","4.7.13","4.7.14","4.7.15","4.7.16","4.7.17","4.7.17.1","4.7.17.2","4.7.17.3","4.7.17.4","4.7.17.5","4.7.17.6","4.7.2","4.7.2.1","4.7.2.2","4.7.3","4.7.3.1","4.7.3.2","4.7.4","4.7.5","4.7.5.1","4.7.5.2","4.7.5.3","4.7.6","4.7.6.1","4.7.6.2","4.7.7","4.7.8","4.7.9","4.8.0","4.8.0.1","4.8.0.2","4.8.0.3","4.8.1","4.8.1.1","4.8.1.2","4.8.1.3","4.8.1.4","4.8.1.5","4.8.1.6","4.8.1.7","4.8.1.8","4.8.2","4.8.2-alpha.1","4.8.2-alpha.2","4.8.2-alpha.3","4.8.2-alpha.4","4.8.2-alpha.5","4.8.2-alpha.6","4.8.2-beta.1","4.8.2-beta.2","4.8.3-alpha.1","5.0.0","5.0.0-alpha.1","5.0.0-alpha.2","5.0.0-beta.1","5.0.1","5.0.2","5.0.3","5.0.4","5.0.5","5.1.0","5.1.0-alpha.1","5.1.0-beta.1","5.1.1","5.2.0","5.2.0-alpha.1","5.2.0-beta.1","5.2.1","5.2.2","5.2.3","5.2.4","5.2.5","5.2.6","5.2.7","5.2.8","5.3.0","5.3.0-alpha.1","5.3.0-beta.1","5.3.0-beta.2","5.3.1","5.3.2","5.3.3","5.4.0","5.4.0-alpha.1","5.4.0-alpha.2","5.4.0-alpha.3","5.4.0-beta.1","5.4.1","5.4.2","5.4.3","5.4.4","5.4.5","5.4.6","5.5.0","5.5.0-beta.1","5.5.0-beta.2","5.5.0-beta.3","5.5.1","5.5.10","5.5.11","5.5.12","5.5.2","5.5.3","5.5.4","5.5.5","5.5.6","5.5.7","5.5.8","5.5.9","5.6.0","5.6.0-alpha.1","5.6.0-alpha.2","5.6.1","5.6.10","5.6.11","5.6.12","5.6.13","5.6.14","5.6.15","5.6.16","5.6.2","5.6.3","5.6.4","5.6.5","5.6.6","5.6.7","5.6.8","5.6.9","5.7.0","5.7.1","5.7.10","5.7.11","5.7.12","5.7.13","5.7.14","5.7.15","5.7.16","5.7.17","5.7.18","5.7.2","5.7.3","5.7.4","5.7.5","5.7.6","5.7.7","5.7.8","5.7.9","5.8.0-alpha.1","6.0.0-alpha.1","6.0.0-alpha.2","6.0.0-beta.1","account-repos","chart-fix","v6.0.0-beta.1","v6.0.0-beta.2"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"6.0.0-alpha1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0.0-alpha2"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0.0-beta1"}]},{"events":[{"introduced":"0"},{"last_affected":"6.0.0-beta2"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-1788.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N"}]}