6 matches found
CVE-2024-54996
MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create...
CVE-2024-54994
MonicaHQ v4.1.2 was discovered to contain multiple Client-Side Injection vulnerabilities via the firstname and lastname parameters in the Add a new relationship feature...
CVE-2024-54996
MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create...
CVE-2024-54996
MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create...
CVE-2024-54996
MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the title and description parameters at /people/ID/reminders/create...
CVE-2024-54996
MonicaHQ v4.1.2 contains multiple authenticated Client-Side Injection vulnerabilities in the /people/ID/reminders/create endpoint, exploiting unsanitized title and description parameters. Root cause: input passed to these fields is not properly validated, enabling client-side code execution-like ...