0.002 Low
EPSS
Percentile
56.3%
An information leak was discovered in Grafana. Remote unauthenticated users could exploit the forget password feature to discover which user accounts exist.
bugzilla.redhat.com/show_bug.cgi?id=2138015
grafana.com/blog/2022/11/08/security-release-new-versions-of-grafana-with-critical-and-moderate-fixes-for-cve-2022-39328-cve-2022-39307-and-cve-2022-39306/
nvd.nist.gov/vuln/detail/CVE-2022-39307
www.cve.org/CVERecord?id=CVE-2022-39307