A Host Header Poisoning vulnerability exists in Monica 4.1.2 due to improper handling of the HTTP Host header in app/Providers/AppServiceProvider.php, combined with the default misconfiguration where the "app.force_url" is not set and default is "false". The application generates absolute URLs (such as those used in password reset emails) using the user-supplied Host header. This allows remote attackers to poison the password reset link sent to a victim,
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:NMonicahq Monica
APPMonicahq4.1.2
Related vulnerabilities
MonicaHQ v4.1.2 was discovered to contain multiple authenticated Client-Side Injection vulnerabilities via the...
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application vi...
MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application vi...
Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and ...
MonicaHQ v4.1.2 was discovered to contain a Client-Side Injection vulnerability via the last_name parameter th...