8 matches found
BrowserPilot 安全漏洞
BrowserPilot is an intelligent web browsing agent controlled by natural language from the individual developer Andrew Han. A security vulnerability exists in BrowserPilot 0.2.51 and earlier versions, which stems from code injection due to incorrect manipulation of the parameter instructions...
BIT-ALERTMANAGER-2023-40577 Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in...
SUSE CVE-2023-40577
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in...
DEBIAN-CVE-2023-40577
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in...
CVE-2023-40577
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in...
CVE-2023-40577 Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in...
CVE-2023-40577 Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint
Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in...
PT-2023-9332 · Unknown +5 · Alertmanager +5
Name of the Vulnerable Software and Affected Versions: Alertmanager versions prior to 0.2.51 Description: The issue is related to the improper neutralization of input data during web page generation in the /api/v1/alerts endpoint of the Alertmanager component in the Prometheus monitoring system. ...