Cross-site Scripting (XSS)
Discription

opentsdb is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the insufficient validation of parameters reflected in error messages in the `internalError` and `badRequest` functions of `HttpQuery.java`, which allows an attacker to inject and execute malicious JavaScript through the legacy HTTP query API and the logging endpoint.Read More

Back to Main

Subscribe for the latest news: