4 matches found
Grafana < 8.5.22 Cross-site Scripting
According to its self-reported version, the Grafana install hosted on the remote host is earlier than 8.5.22, or earlier than 9.2.15, or earlier than 9.3.11. It is, therefore, affected by a cross-site scripting vulnerability. Note that the scanner has not tested for these issues but has instead...
UBUNTU-CVE-2023-1410
Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have contro...
Stored XSS in Graphite FunctionDescription tooltip
Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker needs to have contro...
Apache Tomcat PUT method JSP upload
Added: 10/13/2017 BID: 100954 Background Apache Tomcat is a Java web application platform. Problem A vulnerability in Apache Tomcat allows remote attackers to execute arbitrary commands by using the PUT method to upload a JSP file, and then requesting that file. Resolution Upgrade to Apache Tomca...