Описание
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
Ссылки
- ExploitPatchThird Party Advisory
- ExploitPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:grafana:grafana:5.3.1:*:*:*:*:*:*:*
EPSS
Процентиль: 73%
0.00825
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 6.1
ubuntu
около 5 лет назад
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
CVSS3: 6.1
redhat
около 5 лет назад
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.
CVSS3: 6.1
debian
около 5 лет назад
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > Gene ...
CVSS3: 6.1
github
больше 1 года назад
Grafana XSS via adding a link in General feature
EPSS
Процентиль: 73%
0.00825
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79