Filtered by vendor Grafana
Subscriptions
Filtered by product Grafana
Subscriptions
Total
65 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2018-18625 | 1 Grafana | 1 Grafana | 2020-06-08 | 6.1 Medium |
Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099. | ||||
CVE-2018-18624 | 1 Grafana | 1 Grafana | 2020-06-08 | 6.1 Medium |
Grafana 5.3.1 has XSS via a column style on the "Dashboard > Table Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099. | ||||
CVE-2020-12052 | 1 Grafana | 1 Grafana | 2020-05-11 | 6.1 Medium |
Grafana version < 6.7.3 is vulnerable for annotation popup XSS. | ||||
CVE-2018-12099 | 2 Grafana, Netapp | 3 Grafana, Active Iq Performance Analytics Services, Storagegrid Webscale Nas Bridge | 2019-04-29 | N/A |
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. | ||||
CVE-2018-15727 | 2 Grafana, Redhat | 2 Grafana, Ceph Storage | 2019-03-05 | N/A |
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. |