2 matches found
Monica 安全漏洞
Monica is an AI assistant from Monica Inc. A security vulnerability exists in Monica version 4.1.2 that originates from a malicious user being able to create a contact that is formatted incorrectly and use it in the HOW YOU MET customization option to trigger cross-site scripting...
CVE-2024-54951
CVE-2024-54951 affects Monica 4.1.2 and enables Cross Site Scripting (XSS) by creating a malformed contact and using it in the How You Met customization field to trigger the payload. Connected sources consistently describe an XSS vector originating from the contact data used in the How You Met op...