Monica 4.1.2 - Stored Cross-Site Scripting via 'HOW YOU MET' Customization
Monica 4.1.2 is vulnerable to Cross Site Scripting (XSS). A malicious user can create a malformed contact and use that contact in the "HOW YOU MET" customization options to trigger the XSS.