Description
Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without escaping. In both the Mantine UI and the old React UI, chart tooltips on the Graph page render metric names containing HTML/JavaScript without sanitization. In the old React UI, the Metric Explorer fuzzy search results use dangerouslySetInnerHTML without escaping, and heatmap cell tooltips interpolate values of the le label without sanitization. With Prometheus v3.x defaulting to UTF-8 metric and label name validation, characters like <, >, and " are now valid in metric names and labels. An attacker who can inject metrics via a compromised scrape target, remote write, or the OTLP receiver endpoint can execute arbitrary JavaScript in the browser of any Prometheus user who views the metric in the Graph UI, potentially enabling configuration exfiltration, data deletion, or Prometheus shutdown depending on the enabled flags. This issue has been fixed in versions 3.5.2 and 3.11.2. If you cannot update immediately, the following workarounds are recommended: ensure that the remote write receiver (--web.enable-remote-write-receiver) and the OTLP receiver (--web.enable-otlp-receiver) are not exposed to untrusted sources; verify that all scrape targets are trusted and not under attacker control; avoid enabling admin or mutating API endpoints (e.g., --web.enable-admin-api or --web.enable-lifecycle) in environments where untrusted data may be ingested; and refrain from clicking untrusted links, particularly those containing functions such as label_replace, as they may generate poisoned label names and values.
Published: 2026-04-15
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Stored Cross‑Site Scripting (Remote Code Execution in browser)
Action: Immediate Patch
AI Analysis

Impact

Prometheus 3.0 through 3.11.1 (3.0 to 3.5.1 and 3.6.0 to 3.11.1) interpolates metric names and label values directly into chart tooltips, Metric Explorer results, and heatmap cell tooltips without escaping. The rendering in both the Mantine UI and the old React UI uses innerHTML or dangerouslySetInnerHTML, so any HTML or JavaScript carried in a metric name or label value is executed when a user views the graph. An attacker who can add or modify metric data via a compromised scrape target, remote write, or the OTLP receiver endpoint can thereby run arbitrary script in the browser of any user who hovers over or selects that metric, which can expose configuration information, delete data, or terminate the Prometheus instance if administrative flags are enabled. The vulnerability is a classic stored XSS flaw (CWE-79).
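The rendering defect described in the Description and in the Impact section above, shown as an added example that is not Prometheus project code: a tooltip formatter that interpolates raw metric and label text into an innerHTML string, the same formatter with every untrusted part escaped, and a defender-side audit helper that flags series whose UTF-8 names or label values contain HTML metacharacters. The series objects and the function names are constructed for the example.

```javascript
// Added example, not Prometheus project code: the unsafe tooltip pattern the
// advisory describes (raw metric/label text interpolated into an innerHTML
// string) beside an escaped version, plus an audit helper that flags series
// whose UTF-8 names or label values contain HTML metacharacters.
// Escape the characters that become markup under innerHTML. The advisory
// names <, >, and "; & and ' are escaped as well.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}
// Format a series as name{label="value",...}, applying `esc` to every
// untrusted part; the separators are all the renderer itself contributes.
function formatSeries(series, esc) {
  const labels = Object.keys(series).filter((k) => k !== '__name__').sort()
    .map((k) => `${esc(k)}="${esc(series[k])}"`);
  const name = esc(series.__name__ || '');
  return labels.length ? `${name}{${labels.join(',')}}` : name;
}
// Vulnerable pattern: the string reaches innerHTML unchanged, so a metric
// name such as up<b>x</b> is parsed as markup by the browser.
function tooltipHtmlUnsafe(series) {
  return formatSeries(series, String);
}
// Fixed pattern: every untrusted part is escaped, so the same name displays
// literally. (Writing via textContent instead of innerHTML achieves the same.)
function tooltipHtmlSafe(series) {
  return formatSeries(series, escapeHtml);
}
// Defender-side audit of label sets (e.g. pulled from the series API): these
// characters are legal under UTF-8 naming, so flag them for review rather
// than reject. Returns the offending field of each series.
function findSuspiciousSeries(seriesList) {
  const hits = [];
  seriesList.forEach((series, index) => {
    for (const [field, value] of Object.entries(series)) {
      if (/[<>"&']/.test(field + String(value))) {
        hits.push({ index, field, value: String(value) });
      }
    }
  });
  return hits;
}
// Constructed sample series, not taken from a real Prometheus instance.
const SAMPLE_SERIES = [
  { __name__: 'http_requests_total', job: 'api', le: '0.5' },
  { __name__: 'up<b>x</b>', job: 'api' },
  { __name__: 'latency_bucket', le: '"><i>x</i>' },
];
```

Running findSuspiciousSeries over the label sets returned by a Prometheus instance's series API gives operators a quick inventory of names that an unpatched UI would render as markup.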

Affected Systems

All releases from Prometheus 3.0 to 3.5.1 and from 3.6.0 to 3.11.1 are impacted. Users running these versions should verify the exact build and plan to upgrade. The issue was resolved in 3.5.2 and 3.11.2.

Risk and Exploitability

The CVSS score is 5.3, indicating moderate severity. No EPSS data is available, and the flaw is not listed in the CISA KEV catalog, suggesting that while it is known, a public exploit is not yet in widespread use. Because the flaw relies on an attacker having the ability to influence metric data—in many deployments this requires control over a scrape target or remote write endpoint—the attack vector is primarily internal or requires compromised telemetry sources. Nevertheless, when such control is achieved, victims can run arbitrary JavaScript in the UI, which may lead to configuration theft, metric data tampering, or service disruption.

Generated by OpenCVE AI on April 16, 2026 at 02:16 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the vendor patch: upgrade to Prometheus 3.5.2 or 3.11.2 (or later).
  • Disallow or limit the remote‑write and OTLP receiver endpoints by disabling them or restricting access to trusted sources.
  • Ensure that all scrape targets are under your control and are trusted; avoid ingesting metrics from untrusted or exposed endpoints.
  • Disable admin and lifecycle API endpoints (e.g., --web.enable-admin-api or --web.enable-lifecycle) when ingesting untrusted data.
  • Avoid clicking links that use functions such as label_replace, which may generate poisoned metric names or values.

Advisories

Source: GitHub GHSA
ID: GHSA-vffh-x6r8-xx99
Title: Prometheus has Stored XSS via metric names and label values in Prometheus web UI tooltips and metrics explorer

History

Thu, 16 Apr 2026 15:15:00 +0000
Values added:
  Metrics: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 16 Apr 2026 00:45:00 +0000
Values added:
  First time appeared: vendor Prometheus, product prometheus
  Vendors & Products: vendor Prometheus, product prometheus

Wed, 15 Apr 2026 22:45:00 +0000
Values added:
  Description: the text given in the Description section above
  Title: Prometheus: Stored XSS via metric names and label values in web UI tooltips and metrics explorer
  Weaknesses: CWE-79
  References:
  Metrics: cvssV4_0 {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N'}

MITRE

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2026-04-16T14:21:42.130Z
Reserved: 2026-04-09T20:59:17.619Z
Link: CVE-2026-40179

Vulnrichment

Updated: 2026-04-16T14:21:36.415Z

NVD

Status: Received
Published: 2026-04-15T23:16:09.870
Modified: 2026-04-15T23:16:09.870
Link: CVE-2026-40179

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-16T02:30:21Z

Weaknesses