2 matches found
CVE-2023-30788
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter...
CVE-2023-30788
CVE-2023-30788 affects MonicaHQ 4.0.0. Multiple connected sources confirm an authenticated remote attacker can execute malicious code via CSTI in the people/add endpoint, leveraging input fields such as nickName, description, lastName, middleName, and firstName. Documented impact is code executio...