CVE-2023-30787

Publication date

2023-05-08 00:00:00

Family

Fluid Attacks

State

PUBLISHED

Description

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/introductions` endpoint and first_met_additional_info parameter.