CVE-2023-49804 | louislam uptime-kuma up to 1.23.8 Password Change session fixiation (GHSA-88j4-pcx8-q4q3)

Posted by Angelo Barbosa | Dec 12, 2023 | CVE

A vulnerability classified as critical has been found in louislam uptime-kuma up to 1.23.8. Affected is an unknown function of the component Password Change Handler. The manipulation leads to session fixiation.

This vulnerability is traded as CVE-2023-49804. The attack needs to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-49804 | louislam uptime-kuma up to 1.23.8 Password Change session fixiation (GHSA-88j4-pcx8-q4q3)

Related Posts

CVE-2024-39432 | Unisoc S8000 UMTS RLC Driver out-of-bounds

CVE-2023-48288 | HM Plugin Job Board and Recruitment Plugin up to 2.1 on WordPress information disclosure

CVE-2023-7192 | Linux Kernel Netfilter nf_conntrack_netlink.c ctnetlink_create_conntrack memory leak

CVE-2024-8577 | TOTOLINK AC1200 T8/AC1200 T10 4.1.5cu.861_B20230220/4.1.8cu.5207 /cgi-bin/cstecgi.cgi setStaticDhcpRules desc buffer overflow