CVE 2022-23077
In habitica versions v4.119.0 through v4.232.2 are vulnerable to DOM XSS via the login page.
See the
CVE page on Mitre.org
for more details.
In habitica versions v4.119.0 through v4.232.2 are vulnerable to DOM XSS via the login page.