Page 7 of 31 results (0.004 seconds)

CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1

public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field). El archivo public/app/features/panel/panel_ctrl.ts en Grafana anterior a versión 6.2.5, permite Inyección HTML en los enlaces de desglose del panel (por medio del campo Title o url). Grafana versions 6.2.4 and below suffer from an html injection vulnerability. • https://www.exploit-db.com/exploits/51073 http://packetstormsecurity.com/files/171500/Grafana-6.2.4-HTML-Injection.html https://github.com/grafana/grafana/issues/17718 https://github.com/grafana/grafana/releases/tag/v6.2.5 https://security.netapp.com/advisory/ntap-20190710-0001 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •