CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-54951

Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 35.1%

CVSS Severity

CVSS v3 Score 5.4

References

https://github.com/Allevon412/Monica-Stored-XSS-Vulnerability

Products affected by CVE-2024-54951

Monicahq » Monica » Version: 4.1.2

cpe:2.3:a:monicahq:monica:4.1.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-54951

Products

Pricing

Contact Us