
Manuel-Sommer

#20348 of 53,633
12.6 CVSS total
Vulnerabilities · 2
Medium · 2
PT-2023-20320
6.3
2023-02-21
Unknown · Uptime Kuma · CVE-2023-25810
**Name of the Vulnerable Software and Affected Versions**
Uptime Kuma versions prior to 1.20.0

**Description**
Uptime Kuma is a self-hosted monitoring tool. The Uptime Kuma status page allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability.

**Recommendations**
For versions prior to 1.20.0, upgrade to version 1.20.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the status page until a patch is applied.
PT-2023-20321
6.3
2023-02-21
Unknown · Uptime Kuma · CVE-2023-25811
**Name of the Vulnerable Software and Affected Versions**
Uptime Kuma versions prior to 1.20.0

**Description**
Uptime Kuma is a self-hosted monitoring tool. The `name` parameter in Uptime Kuma allows a persistent XSS attack. Users are advised to upgrade as there are no known workarounds for this issue.

**Recommendations**
For versions prior to 1.20.0, upgrade to version 1.20.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `name` parameter to minimize the risk of exploitation.