Habitica
Monthly
Habitica is an open-source habit-building program. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Habitica is an open-source habit-building program. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Habitica is an open-source habit-building program. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In habitica versions v4.119.0 through v4.232.2 are vulnerable to open redirect via the login page. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.
In habitica versions v4.119.0 through v4.232.2 are vulnerable to DOM XSS via the login page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Habitica is an open-source habit-building program. Rated low severity (CVSS 2.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Habitica is an open-source habit-building program. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Habitica is an open-source habit-building program. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In habitica versions v4.119.0 through v4.232.2 are vulnerable to open redirect via the login page. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. Public exploit code available.
In habitica versions v4.119.0 through v4.232.2 are vulnerable to DOM XSS via the login page. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.