[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-2671":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":52,"name":53,"published":54,"updated":34},2671,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},2,"Nuclei",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":36,"public_description":37,"public_recommendation":38,"recommendation":34,"references":39,"cvssv3":45,"epss_score":46,"epss_percentile":47,"cve":48,"in_cisa_catalog":50,"date":51,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"medium","An attacker can exploit this vulnerability to redirect users to malicious websites, leading to potential phishing attacks or the disclosure of sensitive information.","Prometheus 2.23.0 through 2.26.0 and 2.27.0 contains an open redirect vulnerability. To ensure a seamless transition to 2.27.0, the default UI was changed to the new UI with a URL prefixed by /new redirect to /. Due to a bug in the code, an attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.","The issue was patched in the 2.26.1 and 2.27.1 releases. In 2.28.0, the /new endpoint will be removed completely. The workaround is to disable access to /new via a reverse proxy in front of Prometheus.",[40,41,42,43,44],"https://github.com/prometheus/prometheus/security/advisories/GHSA-vx57-7f4q-fpc7","https://github.com/prometheus/prometheus/releases/tag/v2.26.1","https://github.com/prometheus/prometheus/releases/tag/v2.27.1","https://nvd.nist.gov/vuln/detail/CVE-2021-29622","https://github.com/d4n-sec/d4n-sec.github.io",6.1,0.91497,0.99664,[49],"CVE-2021-29622",false,"2021-05-19T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2021-29622","Prometheus - Open Redirect","2023-07-04T00:00:00Z"]