CVE-2024-54951

Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt