CVE-2023-26777 Information

Description

Cross Site Scripting vulnerability found in :ouislam Uptime Kuma v.1.19.6 and before allows a remote attacker to execute arbitrary commands via the description title footer and incident creation parameter of the status_page.js endpoint.

Reference

https://github.com/louislam/uptime-kuma/issues/2186 http://packetstormsecurity.com/files/171699/Uptime-Kuma-1.19.6-Cross-Site-Scripting.html