CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2023-1387 – grafana: JWT token leak to data source
https://notcve.org/view.php?id=CVE-2023-1387
26 Apr 2023 — Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration option (disabled by default), a JWT might be sent to data sources. If an attacker has access to the data source, the leaked token could be used to authenticate to Grafana. A flaw was found in Grafana. • https://github.com/grafana/bugbounty/security/advisories/GHSA-5585-m9r5-p86j • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.2EPSS: 1%CPEs: 3EXPL: 1CVE-2023-1410 – Stored XSS in Graphite FunctionDescription tooltip
https://notcve.org/view.php?id=CVE-2023-1410
23 Mar 2023 — Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have control over the Graphite data source in order to manipulate a function description and a Grafana admin needs to configure the data source, later a Grafana user needs to select a tampered function and hover over the descr... • https://github.com/grafana/bugbounty/security/advisories/GHSA-qrrg-gw7w-vp76 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 7%CPEs: 2EXPL: 0CVE-2023-22462 – Stored XSS in Grafana Text plugin
https://notcve.org/view.php?id=CVE-2023-22462
02 Mar 2023 — Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker n... • https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.3EPSS: 34%CPEs: 3EXPL: 0CVE-2023-0594 – grafana: cross site scripting
https://notcve.org/view.php?id=CVE-2023-0594
01 Mar 2023 — Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this will be rendered when the span's attributes/resources are expanded. An attacker needs to have the Editor role in order to change the value of a trace view visualization to contain JavaScript. This means that vertica... • https://grafana.com/security/security-advisories/cve-2023-0594 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 7.3EPSS: 66%CPEs: 3EXPL: 0CVE-2023-0507 – grafana: cross site scripting
https://notcve.org/view.php?id=CVE-2023-0507
01 Mar 2023 — Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include a map attribution containing JavaScript. This ... • https://grafana.com/security/security-advisories/cve-2023-0507 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) •
CVSS: 9.0EPSS: 0%CPEs: 4EXPL: 1CVE-2022-23498 – When query caching is enabled in Grafana users can query another users session
https://notcve.org/view.php?id=CVE-2022-23498
03 Feb 2023 — Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the vulnerability you can disable datasource query caching for all datasources. This issue has been patched in versions 9.2.10 and 9.3.4. • https://github.com/grafana/grafana/security/advisories/GHSA-2j8f-6whh-frc8 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-23552 – Grafana stored XSS in FileUploader component
https://notcve.org/view.php?id=CVE-2022-23552
27 Jan 2023 — Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch and prior to versions 8.5.16, 9.2.10, and 9.3.4, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because SVG files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. An attacker needs to have the Editor role in order to change a panel to include eith... • https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39324 – Grafana vulnerable to spoofing originalUrl of snapshots
https://notcve.org/view.php?id=CVE-2022-39324
27 Jan 2023 — Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s injected URL. Th... • https://github.com/grafana/grafana/commit/239888f22983010576bb3a9135a7294e88c0c74a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-472: External Control of Assumed-Immutable Web Parameter •
CVSS: 9.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39306 – Grafana contains Improper Input Validation
https://notcve.org/view.php?id=CVE-2022-39306
09 Nov 2022 — Grafana is an open-source platform for monitoring and observability. Versions prior to 9.2.4, or 8.5.15 on the 8.X branch, are subject to Improper Input Validation. Grafana admins can invite other members to the organization they are an admin for. When admins add members to the organization, non existing users get an email invite, existing members are added directly to the organization. When an invite link is sent, it allows users to sign up with whatever username/email address the user chooses and become a... • https://github.com/grafana/grafana/security/advisories/GHSA-2x6g-h2hg-rq84 • CWE-20: Improper Input Validation CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 6.7EPSS: 0%CPEs: 2EXPL: 0CVE-2022-39307 – Grafana subject to Exposure of Sensitive Information resulting in User enumeration via forget password
https://notcve.org/view.php?id=CVE-2022-39307
09 Nov 2022 — Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the `/api/user/password/sent-reset-email` URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks information to unauthenticated users and introduces a security risk. This issue has been patched in 9.2.4 and backported to 8.5.15. • https://github.com/grafana/grafana/security/advisories/GHSA-3p62-42x7-gxg5 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-209: Generation of Error Message Containing Sensitive Information •