Firefly III is vulnerable to an Improper Authentication. The vulnerability is due to a flaw in the Firefly III OAuth flow, which may allow malicious users to bypass the MFA check, enabling them to gain access using passwords stolen from other sources through password…Read More