The Prometheus security policy, including how to report vulnerabilities, can be found here:
Security: prometheus/alertmanager
Security
SECURITY.md
-
Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpointGHSA-v86x-5fm3-5p7j published
Aug 23, 2023 by simonpasquierHigh
Learn more about advisories related to prometheus/alertmanager in the GitHub Advisory Database