CVE-2023-25811

CVSS V2 None CVSS V3 None
Description
Uptime Kuma is a self-hosted monitoring tool. In versions prior to 1.20.0 the Uptime Kuma `name` parameter allows a persistent XSS attack. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Overview
  • CVE ID
  • CVE-2023-25811
  • Assigner
  • security-advisories@github.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-02-21T21:15:11
  • Last Modified Date
  • 2023-03-03T15:22:00
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:uptime-kuma_project:uptime-kuma:*:*:*:*:*:*:*:* 1 OR 1.20.0
References
Reference URL Reference Tags
https://github.com/louislam/uptime-kuma/security/advisories/GHSA-553g-fcpf-m3wp Exploit Third Party Advisory
History
Created Old Value New Value Data Type Notes
2023-04-17 08:03:41 Added to TrackCVE
2023-04-17 08:03:43 Weakness Enumeration new