HAProxy · HAProxy Kubernetes Ingress Controller · CVE-2025-59303
**Name of the Vulnerable Software and Affected Versions**
HAProxy Kubernetes Ingress Controller versions prior to 3.1.13
HAProxy Enterprise Kubernetes Ingress Controller versions prior to 3.0.16-ee1
HAProxy Enterprise Kubernetes Ingress Controller versions prior to 1.11.13-ee1
HAProxy Enterprise Kubernetes Ingress Controller versions prior to 1.9.15-ee1
**Description**
The HAProxy Kubernetes Ingress Controller allows users with create or update permissions to submit configuration snippets. When the `config-snippets` feature flag is enabled, such a user can obtain an ingress token secret in a response. The root cause is that the controller accepts user-provided configuration snippets.
**Recommendations**
Update HAProxy Kubernetes Ingress Controller to version 3.1.13 or later.
Update HAProxy Enterprise Kubernetes Ingress Controller to version 3.0.16-ee1 or later.
Update HAProxy Enterprise Kubernetes Ingress Controller to version 1.11.13-ee1 or later.
Update HAProxy Enterprise Kubernetes Ingress Controller to version 1.9.15-ee1 or later.
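
To triage an inventory of deployed controller versions against the fixed releases listed above, the following check can be used. It is an added example, not code from HAProxy or from this advisory. It assumes each Enterprise fix applies to its own major.minor release line and that Enterprise builds carry an `-eeN` suffix as in the versions above; the function names and sample versions are constructed for illustration.

```python
import re

# Fixed releases exactly as listed in the advisory.
COMMUNITY_FIX = (3, 1, 13)
# Enterprise fixes as ((major, minor, patch), ee_build).
ENTERPRISE_FIXES = [((1, 9, 15), 1), ((1, 11, 13), 1), ((3, 0, 16), 1)]

_VERSION = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(?:-ee(\d+))?$")


def parse(version):
    """Return ((major, minor, patch), ee_build or None); ValueError if malformed."""
    m = _VERSION.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised version: {version!r}")
    core = tuple(int(x) for x in m.group(1, 2, 3))
    ee = int(m.group(4)) if m.group(4) else None
    return core, ee


def is_affected(version):
    """True if the version predates the fix that applies to it."""
    core, ee = parse(version)
    if ee is None:
        # Community build: anything prior to 3.1.13 is affected.
        return core < COMMUNITY_FIX
    key = (core, ee)
    # Assumption: a listed Enterprise fix covers its own major.minor line.
    for fix in ENTERPRISE_FIXES:
        if fix[0][:2] == core[:2]:
            return key < fix
    # Not on a listed line: treated as fixed only if newer than the newest fix.
    return key < max(ENTERPRISE_FIXES)


def triage(versions):
    """Map each version string to 'affected', 'fixed' or 'unparsed'."""
    result = {}
    for v in versions:
        try:
            result[v] = "affected" if is_affected(v) else "fixed"
        except ValueError:
            # Tags such as 'latest' cannot be compared; review them by hand.
            result[v] = "unparsed"
    return result
```

Versions reported as `unparsed` (for example a floating tag) need to be resolved to a concrete release before they can be cleared.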