Description
An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter 'type' to the /suggest URI.
Remediation
References
https://github.com/OpenTSDB/opentsdb/issues/1241
Related Vulnerabilities
CVE-2019-1003063 Vulnerability in maven package org.jenkins-ci.plugins:snsnotify
CVE-2017-16132 Vulnerability in npm package simple-npm-registry
CVE-2016-10735 Vulnerability in maven package org.webjars.bowergithub.twbs:bootstrap
CVE-2019-10749 Vulnerability in npm package sequelize
CVE-2020-15366 Vulnerability in maven package org.webjars.npm:ajv