On Fri, 29 May 2020 at 04:39, veena thimmegowda <[email protected]> wrote:
> Hi, > > In the burp scan analysis report we found *Cross-site scripting > (reflected) *vulnerability for the Alertmanager and Prometheus server. > Please provide the solution to solve/remove this vulnerability. > Neither Prometheus nor the Alertmanager can return 401s, nor is state a URL parameter we use. This sounds like an issue with a reverse proxy you have in front of them. Brian > > Please find the attached files for more information. > > Regards, > Veena > > > -- > You received this message because you are subscribed to the Google Groups > "Prometheus Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/prometheus-users/68a949dd-bc8a-4814-8206-773ba1c0320a%40googlegroups.com > <https://groups.google.com/d/msgid/prometheus-users/68a949dd-bc8a-4814-8206-773ba1c0320a%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- Brian Brazil www.robustperception.io -- You received this message because you are subscribed to the Google Groups "Prometheus Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/prometheus-users/CAHJKeLqRGVjK1SsQ07%2BG6gmU7vRXiDwefrCTF2eE%3D3TzTxV_DA%40mail.gmail.com.
