Monica · Monica · CVE-2023-50465
**Name of the Vulnerable Software and Affected Versions**
Monica (aka MonicaHQ) version 4.0.0
**Description**
A stored cross-site scripting (XSS) vulnerability exists in the software via an SVG document uploaded by an authenticated user.
**Recommendations**
For version 4.0.0, consider restricting SVG document uploads by authenticated users until a patch is available. As a temporary workaround, disabling SVG file upload can help minimize the risk of exploitation.
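One way to enforce the workaround in an upload handler or filtering proxy placed in front of the application, as an added example (not Monica's code). It identifies SVG by content as well as by name and declared type, since the latter two are supplied by the client. The function names and `SNIFF_LIMIT` are assumptions.

```python
import re
import zlib

SNIFF_LIMIT = 64 * 1024  # bytes inspected per upload (assumed value)

# Items that may legally precede the root element: XML declaration or
# processing instruction, comment, DOCTYPE (with optional internal subset).
_PROLOG = re.compile(r"\s*(<\?.*?\?>|<!--.*?-->|<!DOCTYPE[^>\[]*(\[.*?\])?\s*>)", re.S | re.I)
_ROOT = re.compile(r"\s*<([A-Za-z_][\w.-]*:)?([A-Za-z_][\w.-]*)")


def _decode(data: bytes) -> str:
    """Decode the head of an upload, honouring UTF-8/UTF-16 byte-order marks."""
    if data[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return data.decode("utf-16", errors="replace")
    return data.decode("utf-8-sig", errors="replace")


def is_svg(data: bytes) -> bool:
    """True if the content's root element is <svg>, whatever the file is called."""
    head = data[:SNIFF_LIMIT]
    if head[:2] == b"\x1f\x8b":  # gzip magic: .svgz is gzip-compressed SVG
        try:
            # wbits=31 selects gzip framing; output is capped at SNIFF_LIMIT.
            head = zlib.decompressobj(wbits=31).decompress(head, SNIFF_LIMIT)
        except zlib.error:
            return False
    text = _decode(head)
    pos = 0
    while (m := _PROLOG.match(text, pos)):  # skip the prolog without an XML parser
        pos = m.end()
    root = _ROOT.match(text, pos)
    return bool(root) and root.group(2).lower() == "svg"


def reject_upload(filename: str, declared_type: str, data: bytes) -> bool:
    """Block the upload if the name, the declared type or the content says SVG."""
    name = filename.lower()
    return (name.endswith((".svg", ".svgz"))
            or declared_type.split(";")[0].strip().lower() == "image/svg+xml"
            or is_svg(data))
```

The prolog is skipped with regular expressions rather than an XML parser so that untrusted uploads never reach entity expansion or external-entity handling.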