CVE-2023-30787

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/introductions endpoint and firstmetadditionalinfo parameter...

Code injection

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/introductions endpoint and firstmetadditionalinfo parameter...

MonicaHQ 跨站脚本漏洞

MonicaHQ is a people management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version 4.0.0, which can be exploited by remote attackers to execute malicious code in the application via the people:id/introductions endpoint and the CSTI in the firstmetadditionalinfo paramet...

PT-2023-22980 · Monicahq · Monicahq

Name of the Vulnerable Software and Affected Versions: MonicaHQ version 4.0.0 Description: The issue allows an authenticated remote attacker to execute malicious code in the application via CSTI in the "people:id/introductions" endpoint and first met additional info parameter. Recommendations: Fo...

Debian Security Advisory DSA 3216-1 (tor - security update)

Several vulnerabilities have been discovered in Tor, a connection-based low-latency anonymous communication system: CVE-2015-2928disgleirio discovered that a malicious client could trigger an assertion failure in a Tor instance providing a hidden service, thus rendering the service inaccessible...