CVE-2018-18623

Опубликовано: 02 июн. 2020

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

Ссылки

https://github.com/grafana/grafana/issues/15293
Exploit
Third Party Advisory
https://github.com/grafana/grafana/pull/11813
Exploit
Third Party Advisory
https://github.com/grafana/grafana/releases/tag/v6.0.0
Release Notes
Third Party Advisory
https://security.netapp.com/advisory/ntap-20200608-0008/
Third Party Advisory
https://github.com/grafana/grafana/issues/15293
Exploit
Third Party Advisory
https://github.com/grafana/grafana/pull/11813
Exploit
Third Party Advisory
https://github.com/grafana/grafana/releases/tag/v6.0.0
Release Notes
Third Party Advisory
https://security.netapp.com/advisory/ntap-20200608-0008/
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:grafana:grafana:5.3.1:*:*:*:*:*:*:*

EPSS

Процентиль: 61%

0.00419

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

CVE-2018-18623

CVSS3: 6.1

ubuntu

около 5 лет назад

Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

CVE-2018-18623

CVSS3: 6.1

redhat

около 5 лет назад

Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

CVE-2018-18623

CVSS3: 6.1

debian

около 5 лет назад

Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: t ...

GHSA-cmq2-j8v8-2q44

CVSS3: 6.1

github

больше 1 года назад

Grafana XSS in Dashboard Text Panel

EPSS

Процентиль: 61%

0.00419

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79