Tag
The client_secret field in Prometheus' Azure AD remote write OAuth configuration was exposed in plaintext via the `/-/config` HTTP API endpoint, due to being incorrectly typed as a string, potentially allowing unauthorized access to sensitive credentials.