Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact
NA
CVSSv2

CVE-2022-31097

CVSSv4: NA | CVSSv3: 8.7 | CVSSv2: NA | VMScore: 970 | EPSS: 0.48511 | KEV: Not Included
Published: 15/07/2022 Updated: 21/11/2024

Vulnerability Summary

Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch before 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to escalate privilege from editor to admin by tricking an authenticated admin to click on a link. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch. As a workaround, it is possible to disable alerting or use legacy alerting.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

grafana grafana

netapp e-series performance analyzer -

Vendor Advisories

Red Hat: Important: Red Hat Ceph Storage 6.1 Container security and bug fix update
Synopsis Important: Red Hat Ceph Storage 61 Container security and bug fix update Type/Severity Security Advisory: Important Topic A new container image for Red Hat Ceph Storage 61 is now available in the Red Hat Ecosystem CatalogRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...

References

CWE-79CWE-79https://access.redhat.com/errata/RHSA-2023:3642https://nvd.nist.govhttps://www.first.org/epsshttps://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5fhttps://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/https://security.netapp.com/advisory/ntap-20220901-0010/https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5fhttps://grafana.com/docs/grafana/latest/release-notes/release-notes-8-5-9/https://grafana.com/docs/grafana/latest/release-notes/release-notes-9-0-3/https://grafana.com/docs/grafana/next/release-notes/release-notes-8-4-10/https://security.netapp.com/advisory/ntap-20220901-0010/
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
unprivilegedprivilege escalationCVE-2024-57040morningCVE-2025-24801CVE-2025-24813CVE-2025-29930CVE-2024-10442smartosCVE-2025-0694cryptolibmbconnect24local users
Home
/
Search Results
/
CVE-2022-31097
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook