C8503

**Name of the Vulnerable Software and Affected Versions** UptimeFlare versions prior to commit 377a596 **Description** UptimeFlare, a serverless uptime monitoring and status page solution powered by Cloudflare Workers, had a configuration issue. The `uptime.config.ts` file exported both `pageConfig` (intended for client use) and `workerConfig` (containing sensitive server-only data) from the same module. The client-side component `pages/incidents.tsx` directly imported and used the `workerConfig` object, resulting in the inclusion of sensitive data within the client-side JavaScript bundle served to all visitors. This issue was addressed with commit 377a596. The `workerConfig` contains sensitive data. **Recommendations** Update to commit 377a596 or later.