MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name parameter the General Information module.Referenceshttp://monicahq.comhttps://github.com/p314dO/CVEs/tree/main/CVE-2024-54999
