5 matches found
Uptime Kuma Security Vulnerability
Uptime Kuma is an easy-to-use, self-hosted monitoring tool from the individual developer Louis Lam. A security vulnerability exists in Uptime Kuma 1.23.0 and prior versions that stems from a regular expression denial of service...
CVE-2023-49804 Uptime Kuma Password Change Vulnerability
Uptime Kuma is an easy-to-use self-hosted monitoring tool. Prior to version 1.23.9, when a user changes their login password in Uptime Kuma, a previously logged-in user retains access without being logged out. This behavior persists consistently, even after system restarts or browser restarts. Th...
CVE-2023-44400 Uptime Kuma has Persistent User Sessions
Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, attackers with access to a user's device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity periods. Version 1.23.3 has a patch for the...
PT-2023-20320 · Unknown · Uptime Kuma
Name of the Vulnerable Software and Affected Versions: Uptime Kuma versions prior to 1.20.0
Description: Uptime Kuma is a self-hosted monitoring tool. The Uptime Kuma status page allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability...
Uptime Kuma Cross-Site Scripting Vulnerability
Uptime Kuma is an easy-to-use, self-hosted monitoring tool from the individual developer Louis Lam. A security vulnerability exists in Uptime Kuma versions prior to 1.20.0, which stems from the Uptime Kuma name parameter allowing persistent XSS attacks...