Manuel-Sommer

#20300 of 53,632
12.6 Total CVSS
Vulnerabilities · 2
Medium
2
PT-2023-20320
6.3
2023-02-21
Unknown · Uptime Kuma · CVE-2023-25810
**Name of the Vulnerable Software and Affected Versions** Uptime Kuma versions prior to 1.20.0

**Description** Uptime Kuma is a self-hosted monitoring tool. The Uptime Kuma status page allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability.

**Recommendations** For versions prior to 1.20.0, upgrade to version 1.20.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the status page until a patch is applied.

PT-2023-20321
6.3
2023-02-21
Unknown · Uptime Kuma · CVE-2023-25811
**Name of the Vulnerable Software and Affected Versions** Uptime Kuma versions prior to 1.20.0

**Description** Uptime Kuma is a self-hosted monitoring tool. The `name` parameter in Uptime Kuma allows a persistent XSS attack. Users are advised to upgrade as there are no known workarounds for this issue.

**Recommendations** For versions prior to 1.20.0, upgrade to version 1.20.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the `name` parameter to minimize the risk of exploitation.