Description
An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter 'type' to the /suggest URI.
Remediation
References
https://github.com/OpenTSDB/opentsdb/issues/1241
Related Vulnerabilities
CVE-2019-20920 Vulnerability in npm package handlebars
CVE-2020-17533 Vulnerability in maven package org.apache.accumulo:accumulo-core
CVE-2016-8609 Vulnerability in maven package org.keycloak:keycloak-core
CVE-2018-3717 Vulnerability in npm package simple-server
CVE-2021-29481 Vulnerability in maven package io.ratpack:ratpack-session