CVE-2023-40577
CVE-2023-40577 affects Prometheus Prometheus Alertmanager. The issue allows an attacker with POST permission on the /api/v1/alerts endpoint to cause arbitrary JavaScript execution in users of Alertmanager (stored XSS). The vulnerability is tied to the Alertmanager component handling incoming aler...