github.com/prometheus/alertmanager is vulnerable to Cross-site Scripting (XSS). The vulnerability exists due to the lack of HTML sanitization in the `generatorURL` field of `Alert.elm`, which allows an attacker to inject and execute malicious JavaScript by sending a POST request to the `/api/v1/alerts` endpoint.Read More