Vulnerabilities > Prometheus > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-25 | CVE-2023-40577 | Cross-site Scripting vulnerability in multiple products Alertmanager handles alerts sent by client applications such as the Prometheus server. | 5.4 |
| 2021-05-19 | CVE-2021-29622 | Open Redirect vulnerability in Prometheus Prometheus is an open-source monitoring system and time series database. | 6.1 |
| 2020-08-09 | CVE-2020-16248 | Server-Side Request Forgery (SSRF) vulnerability in Prometheus Blackbox Exporter Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. | 5.8 |
| 2019-03-26 | CVE-2019-3826 | Cross-site Scripting vulnerability in multiple products A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus before version 2.7.1. | 6.1 |