Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork1.5k
Security: dgtlmoon/changedetection.io
Security
No security policy detected
This project has not set up aSECURITY.md file yet.
Report a vulnerability- XSS In watch overview, failure to fully filter error texts generated by website page change filtersGHSA-hwpg-x5hw-vpv9 published
Jun 21, 2025 bydgtlmoonHigh - Improper Input Validation Leading to LFR/Path TraversalGHSA-j5vv-6wjg-cfr8 published
Dec 27, 2024 bydgtlmoonHigh - Path traversal using file URI scheme without supplying hostnameGHSA-6jrf-rcjf-245r published
Nov 7, 2024 bydgtlmoonHigh - Path TraversalGHSA-cwgg-57xj-g77r published
Oct 31, 2024 bydgtlmoonModerate - XSS reflected (Post Base) in /settingsGHSA-pwgc-w4x9-gw67 published
May 2, 2024 bydgtlmoonModerate - Server Side Template Injection in Jinja2 allows Remote Command ExecutionGHSA-4r7v-whpg-8rx3 published
Apr 25, 2024 bydgtlmoonCritical - API endpoint `/api/v1/watch/<uuid>/history` is not secured with API tokenGHSA-hcvp-2cc7-jrwr published
Jan 19, 2024 bydgtlmoonLow
Learn more about advisories related todgtlmoon/changedetection.io in theGitHub Advisory Database