RSS   Vulnerabilities for 'Monica'   RSS

2023-12-11
 
CVE-2023-50465

CWE-79
 

 
A stored cross-site scripting (XSS) vulnerability exists in Monica (aka MonicaHQ) 4.0.0 via an SVG document uploaded by an authenticated user.

 
2021-04-14
 
CVE-2020-35660

CWE-79
 

 
Cross Site Scripting (XSS) in Monica before 2.19.1 via the journal page.

 
2021-02-22
 
CVE-2021-27559

CWE-79
 

 
The Contact page in Monica 2.19.1 allows stored XSS via the Nickname field.

 
 
CVE-2021-27371

CWE-79
 

 
The Contact page in Monica 2.19.1 allows stored XSS via the Description field.

 
 
CVE-2021-27370

CWE-79
 

 
The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field.

 
 
CVE-2021-27369

CWE-79
 

 
The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field.

 
 
CVE-2021-27368

CWE-79
 

 
The Contact page in Monica 2.19.1 allows stored XSS via the First Name field.

 


Copyright 2024, cxsecurity.com

 

Back to Top