Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

ASA-202105-25 - log back

ASA-202105-25 edited at 26 May 2021 10:35:24

Workaround

-	The issue can be mitigated by using the --web.external-url= flag with a path (e.g. --web.external-url=http://example.com/prometheus).
+	The issue can be mitigated by using the --web.external-url= flag with a
+	path (e.g. --web.external-url=http://example.com/prometheus).

ASA-202105-25 edited at 25 May 2021 09:56:50

Workaround

+	The issue can be mitigated by using the --web.external-url= flag with a path (e.g. --web.external-url=http://example.com/prometheus).

Impact

+	A remote attacker can use crafted URLs to redirect victims from a Prometheus server instance to an arbitrary address.

ASA-202105-25 created at 25 May 2021 09:54:30