Habitica · Habitica · CVE-2022-23077
**Name of the Vulnerable Software and Affected Versions**
Habitica versions v4.119.0 through v4.232.2
**Description**
The login page is affected by a DOM-based cross-site scripting (DOM XSS) vulnerability.
**Recommendations**
For versions v4.119.0 through v4.232.2, update to a version that is not within this range to resolve the issue.
As a temporary workaround, consider restricting access to the login page until a patch is available.