Описание
Grafana XSS in Dashboard Text Panel
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-18623
- https://github.com/grafana/grafana/issues/15293
- https://github.com/grafana/grafana/issues/4117
- https://github.com/grafana/grafana/pull/11813
- https://github.com/grafana/grafana/pull/14984
- https://github.com/grafana/grafana/releases/tag/v6.0.0
- https://security.netapp.com/advisory/ntap-20200608-0008
Пакеты
Наименование
github.com/grafana/grafana
go
Затронутые версииВерсия исправления
< 6.0.0-beta1
6.0.0-beta1
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 5 лет назад
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
CVSS3: 6.1
redhat
около 5 лет назад
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
CVSS3: 6.1
nvd
около 5 лет назад
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
CVSS3: 6.1
debian
около 5 лет назад
Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: t ...