3 matches found
Code injection
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/food endpoint and food parameter...
CVE-2023-1094
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/food endpoint and food parameter...
MonicaHQ 安全漏洞
MonicaHQ is a people management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version 4.0.0 that originates from a vulnerability that allows an authenticated, remote attacker to execute malicious code in the application via the CSTI in the people:id/food endpoint and food...