BIT-prometheus-2026-40179: Prometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorer
Prometheus versions prior to 3.5.2 and between 3.6.0 and 3.11.1 contain stored cross-site scripting (XSS) vulnerabilities in the web UI. These vulnerabilities arise because metric names and label…
Read the full article2d agoen
Comments
Sign in to join the conversation.
No comments yet. Be the first.