[MEDIUM] Firefly III has a MFA bypass in oauth flow

PKSA-t1gb-cctm-7jjf CVE-2024-37893 GHSA-4gm4-c4mh-4p7w

Affected package: grumpydictator/firefly-iii

Affected version: <6.1.17

Reported by:
GitHub