MonicaHQ Client-Side Injection Vulnerability in Journal Entry Editing

Vulnerability

A client-side injection vulnerability has been identified in MonicaHQ version 4.1.1. This vulnerability allows authenticated users to inject malicious content through the entry text field while editing journal entries.

Impact

Successful exploitation results in client-side injection: the injected content can change how content is displayed, or how the user interacts with it, in the user's browser.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.8
impact: 1.7
exploitability: 6.3
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.