Monica@4.0.0 Security Vulnerabilities and Issues — Monica@4.0.0 CVE List

Lucene search

MonicahqMonica4.0.0

6 matches found

CVE•added 2023/05/08 8:15 p.m.•38 views

CVE-2023-30788

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people/add endpoint and nickName, description, lastName, middleName and firstName parameter.

5.4CVSS5.7AI score0.00257EPSS

CVE•added 2023/05/08 8:15 p.m.•36 views

CVE-2023-30790

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/relationships endpoint and first_name and last_name parameter.

5.4CVSS5.7AI score0.00257EPSS

CVE•added 2023/05/08 8:15 p.m.•34 views

CVE-2023-30787

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/introductions endpoint and first_met_additional_info parameter.

5.4CVSS5.7AI score0.00257EPSS

CVE•added 2023/05/08 8:15 p.m.•33 views

CVE-2023-30789

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/work endpoint and job and company parameter.

5.4CVSS5.7AI score0.00476EPSS

CVE•added 2023/05/08 8:15 p.m.•32 views

CVE-2023-1094

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/food endpoint and food parameter.

8.8CVSS8.6AI score0.00654EPSS

CVE•added 2023/05/08 8:15 p.m.•25 views

CVE-2023-1031

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the settings endpoint and first_name parameter.

8.8CVSS8.6AI score0.00887EPSS