Shodan
Vulnerabilities
Vulnerable Software
Monicahq:  >> Monica  Security Vulnerabilities
CVE-2023-1031
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `settings` endpoint and first_name parameter.
CVSS Score
8.8
EPSS Score
0.009
Published
2023-05-08
CVE-2020-35660
Cross Site Scripting (XSS) in Monica before 2.19.1 via the journal page.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-04-14
CVE-2021-27370
The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-02-22
CVE-2021-27371
The Contact page in Monica 2.19.1 allows stored XSS via the Description field.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-02-22
CVE-2021-27559
The Contact page in Monica 2.19.1 allows stored XSS via the Nickname field.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-02-22
CVE-2021-27368
The Contact page in Monica 2.19.1 allows stored XSS via the First Name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-02-22
CVE-2021-27369
The Contact page in Monica 2.19.1 allows stored XSS via the Middle Name field.
CVSS Score
5.4
EPSS Score
0.002
Published
2021-02-22


Products
Pricing
Contact Us

Shodan ® - All rights reserved