Security Advisory

CVE-2023-44400

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-10-09 15:15:07

Last updated 2024-09-18 20:18:45

Assigner GitHub_M

State PUBLISHED

Description

Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, attackers with access to a users device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity periods. Version 1.23.3 has a patch for the issue.

← Browse all CVEs View on cve.org ↗