Описание
Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS.
Ссылки
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:monicahq:monica:4.1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 46%
0.00234
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 5.4
github
12 месяцев назад
Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS.
EPSS
Процентиль: 46%
0.00234
Низкий
5.4 Medium
CVSS3
Дефекты
CWE-79