📦 Habitica

Habitica versions before 5.28.5 contain reflected cross-site scripting vulnerabilities in the login and social media functions. An attacker can craft malicious links with a specially crafted redirectT...

This reflected cross-site scripting vulnerability in Habitica allows attackers to execute arbitrary JavaScript in victims' browsers by manipulating the 'redirectTo' parameter. Users of Habitica versio...