3 matches found
CVE-2023-30788
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter...
CVE-2023-30788
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter...
MonicaHQ 跨站脚本漏洞
MonicaHQ is a people management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version 4.0.0, which can be exploited by remote attackers to execute malicious code in the application via the people/add endpoint and CSTIs in the job and company parameters...