Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
grafana grafana vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-18623
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
Grafana Grafana 5.3.1
4.3
CVSSv2
CVE-2018-18624
Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
Grafana Grafana 5.3.1
4.3
CVSSv2
CVE-2018-18625
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
Grafana Grafana 5.3.1
4.3
CVSSv2
CVE-2020-13430
Grafana prior to 7.0.0 allows tag value XSS via the OpenTSDB datasource.
Grafana Grafana
4.3
CVSSv2
CVE-2020-12052
Grafana version < 6.7.3 is vulnerable for annotation popup XSS.
Grafana Grafana
4.3
CVSSv2
CVE-2020-12245
Grafana prior to 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
Grafana Grafana
4.3
CVSSv2
CVE-2020-10092
GitLab 12.1 up to and including 12.8.1 allows XSS. A cross-site scripting vulnerability was present in a particular view relating to the Grafana integration.
Gitlab Gitlab
4.3
CVSSv2
CVE-2018-9090
CoreOS Tectonic 1.7.x and 1.8.x prior to 1.8.7-tectonic.2 deploys the Grafana web application using default credentials (admin/admin) for the administrator account located at grafana-credentials secret. This occurs because CoreOS does not randomize the administrative password to ...
Redhat Tectonic
4.3
CVSSv2
CVE-2019-13068
public/app/features/panel/panel_ctrl.ts in Grafana prior to 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).
Grafana Grafana
4.3
CVSSv2
CVE-2015-9282
The Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerable to XSS via legend data or tooltip data. When a chart is included in a Grafana dashboard, this vulnerability could allow an malicious user to gain remote unauthenticated access to the dashboard.
Grafana Piechart-panel
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »