exploitDog

CVE-2024-54998

Опубликовано: 10 янв. 2025

Источник: nvd

CVSS3: 5.4

EPSS Низкий

Описание

MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:[id]/debts/create.

Ссылки

http://monicahq.com
Product
https://github.com/p314dO/CVEs/tree/main/CVE-2024-54998
Exploit
Third Party Advisory
https://github.com/p314dO/CVEs/tree/main/CVE-2024-54998
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:monicahq:monica:4.1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00038

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-f3f5-7m89-558c

CVSS3: 5.4

github

около 1 года назад

MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:[id]/debts/create.

EPSS

Процентиль: 11%

0.00038

Низкий

5.4 Medium

CVSS3

Дефекты

CWE-79