4 matches found
CVE-2020-35660
Cross Site Scripting XSS in Monica before 2.19.1 via the journal page...
CVE-2020-35660
Cross Site Scripting XSS in Monica before 2.19.1 via the journal page...
CVE-2020-35660
Cross Site Scripting XSS in Monica before 2.19.1 via the journal page...
CVE-2020-35660
CVE-2020-35660 is a Cross-Site Scripting (XSS) vulnerability in Monica (Regis Freyd Monica) versions prior to 2.19.1, exploitable via the journal page. The connected Huntr entry describes a stored XSS payload in the journal session, e.g. injecting HTML such as , indicating a persistent client-sid...