Medium severity5.4NVD Advisory· Published Feb 22, 2021· Updated Jun 17, 2026
CVE-2021-27370
CVE-2021-27370
Description
The Contact page in Monica 2.19.1 allows stored XSS via the Last Name field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Monica/Monicadescription
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/161501/Monica-2.19.1-Cross-Site-Scripting.htmlnvdExploitThird Party AdvisoryVDB Entry
- github.com/monicahq/monica/issues/4888nvdExploitIssue TrackingThird Party Advisory
- github.com/monicahq/monica/pull/4543nvdExploitThird Party Advisory
- huntr.dev/bounties/2-other-monica/nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.