Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
monica vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-35660
Cross Site Scripting (XSS) in Monica prior to 2.19.1 via the journal page.
Monicahq Monica
8.8
CVSSv3
CVE-2023-1031
MonicaHQ version 4.0.0 allows an authenticated remote malicious user to execute malicious code in the application via CSTI in the `settings` endpoint and first_name parameter.
Monicahq Monica 4.0.0
8.8
CVSSv3
CVE-2023-1094
MonicaHQ version 4.0.0 allows an authenticated remote malicious user to execute malicious code in the application via CSTI in the `people:id/food` endpoint and food parameter.
Monicahq Monica 4.0.0
5.4
CVSSv3
CVE-2021-27371
The Contact page in Monica 2.19.1 allows stored XSS via the Description field.
Monicahq Monica 2.19.1
5.4
CVSSv3
CVE-2023-30787
MonicaHQ version 4.0.0 allows an authenticated remote malicious user to execute malicious code in the application via CSTI in the `people:id/introductions` endpoint and first_met_additional_info parameter.
Monicahq Monica 4.0.0
5.4
CVSSv3
CVE-2023-30788
MonicaHQ version 4.0.0 allows an authenticated remote malicious user to execute malicious code in the application via CSTI in the `people/add` endpoint and nickName, description, lastName, middleName and firstName parameter.
Monicahq Monica 4.0.0
5.4
CVSSv3
CVE-2023-30789
MonicaHQ version 4.0.0 allows an authenticated remote malicious user to execute malicious code in the application via CSTI in the `people:id/work` endpoint and job and company parameter.
Monicahq Monica 4.0.0
5.4
CVSSv3
CVE-2023-30790
MonicaHQ version 4.0.0 allows an authenticated remote malicious user to execute malicious code in the application via CSTI in the `people:id/relationships` endpoint and first_name and last_name parameter.
Monicahq Monica 4.0.0
5.4
CVSSv3
CVE-2021-27369
The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field.
Monicahq Monica 2.19.1
5.4
CVSSv3
CVE-2021-27559
The Contact page in Monica 2.19.1 allows stored XSS via the Nickname field.
Monicahq Monica 2.19.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »