Security Overview · dgtlmoon/changedetection.io · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Path traversal using file URI scheme without supplying hostname
GHSA-6jrf-rcjf-245r published Nov 7, 2024 by dgtlmoon

High
Path Traversal
GHSA-cwgg-57xj-g77r published Oct 31, 2024 by dgtlmoon

Moderate
XSS reflected (Post Base) in /settings
GHSA-pwgc-w4x9-gw67 published May 2, 2024 by dgtlmoon

Moderate
Server Side Template Injection in Jinja2 allows Remote Command Execution
GHSA-4r7v-whpg-8rx3 published Apr 25, 2024 by dgtlmoon

Critical
API endpoint `/api/v1/watch/<uuid>/history` is not secured with API token
GHSA-hcvp-2cc7-jrwr published Jan 19, 2024 by dgtlmoon

Low

Learn more about advisories related to dgtlmoon/changedetection.io in the GitHub Advisory Database