PT-2023-31143 · Unknown · Uptime Kuma

Name of the Vulnerable Software and Affected Versions: Uptime Kuma versions prior to 1.23.7 Description: The Google Analytics element in Uptime Kuma is vulnerable to Attribute Injection, leading to Cross-Site-Scripting XSS attacks. This occurs because the custom status interface can set an...