-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
Security: louislam/uptime-kuma
Security Navigation
Security Advisories
View known security vulnerabilities and report new vulnerabilities privately to maintainers.
-
Local File Inclusion (LFI) via Improper URL Handling in `Real-Browser` monitorGHSA-2qgm-m29m-cj2h published
Dec 20, 2024 by louislamModerate -
Enabling Authentication does not close all logged in socket connections immediatelyGHSA-23q2-5gf8-gjpp published
Apr 19, 2024 by louislamLow -
Changing Password does not close all logged in socket connections immediatelyGHSA-88j4-pcx8-q4q3 published
Dec 10, 2023 by louislamModerate -
Missing Origin Validation in WebSocketsGHSA-mj22-23ff-2hrr published
Dec 10, 2023 by louislamModerate -
Authenticated remote code execution via TailscalePingGHSA-hfxh-rjv7-2369 published
Nov 24, 2023 by louislamModerate -
Attribute Injection leading to XSS(Cross-Site-Scripting)GHSA-v4v2-8h88-65qj published
Nov 24, 2023 by louislamModerate -
Persistentent User SessionsGHSA-g9v2-wqcj-j99g published
Oct 9, 2023 by louislamModerate -
Authenticated path traversal via plugin repository name leading to unavailability or data lossGHSA-vr8x-74pm-6vj7 published
Jul 4, 2023 by louislamModerate -
Authenticated remote code execution via malicious plugin installationGHSA-7grx-f945-mj96 published
Jul 4, 2023 by louislamHigh -
Persistent XSS through description in status pageGHSA-wh8j-xr66-f296 published
Feb 13, 2023 by louislamModerate