2 matches found
CVE-2023-50465
A stored cross-site scripting XSS vulnerability exists in Monica aka MonicaHQ 4.0.0 via an SVG document uploaded by an authenticated user...
CVE-2023-50465
The CVE-2023-50465 issue affects Monica (MonicaHQ) 4.0.0, where an authenticated user can upload an SVG document that triggers stored cross-site scripting (XSS). Documented by multiple sources (NVD/Red Hat/OSV/CVE lists) with a CVSS v3.1 base score of 5.4 (Medium) and privileges required: Low, us...