1 results (0.003 seconds)
CVSS: 8.0EPSS: 0%CPEs: 10EXPL: 0
CVSS: 8.0EPSS: 0%CPEs: 10EXPL: 0CVE-2025-2703
https://notcve.org/view.php?id=CVE-2025-2703
23 Apr 2025 — The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript. • https://grafana.com/security/security-advisories/cve-2025-2703 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •