Medium severity6.5NVD Advisory· Published Jun 14, 2024· Updated Jun 17, 2026
CVE-2024-37889
CVE-2024-37889
Description
MyFinances is a web application for managing finances. MyFinances has a way to access other customer invoices while signed in as a user. This method allows an actor to access PII and financial information from another account. The vulnerability is fixed in 0.4.6.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: <0.4.6
- Range: <0.4.6
- TreyWW/MyFinancesv5Range: < 0.4.6
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.