exploitDog

GHSA-3cr7-mfmj-jrxj

Опубликовано: 14 фев. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.4

Описание

Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS.

Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS.

Ссылки

EPSS

Процентиль: 46%

0.00234

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2024-54951

CVSS3: 5.4

nvd

12 месяцев назад

Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS.

EPSS

Процентиль: 46%

0.00234

Низкий

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79