CVE-2023-30788

Published: 2023-05-08T20:15Z

Last Modified: 2025-02-04T19:15Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people/add` endpoint and nickName, description, lastName, middleName and firstName parameter. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt