Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2020-11110

Опубликовано: 27 июл. 2020
Источник: debian
EPSS Высокий

Описание

Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
grafanaremovedpackage

EPSS

Процентиль: 99%
0.76257
Высокий

Связанные уязвимости

ubuntu логотип

CVE-2020-11110

CVSS3: 5.4
ubuntu
больше 5 лет назад

Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.

redhat логотип

CVE-2020-11110

CVSS3: 6.1
redhat
больше 5 лет назад

Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.

nvd логотип

CVE-2020-11110

CVSS3: 5.4
nvd
больше 5 лет назад

Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.

github логотип

GHSA-xr3x-62qw-vc4w

CVSS3: 5.4
github
больше 3 лет назад

Grafana stored XSS

oracle-oval логотип

ELSA-2020-4682

oracle-oval
почти 5 лет назад

ELSA-2020-4682: grafana security, bug fix, and enhancement update (MODERATE)

EPSS

Процентиль: 99%
0.76257
Высокий