Lucene search
+L

94 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-4123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect user...

7.6CVSS7.7AI score0.97999EPSS
Exploits6References2
Hacker One
Hacker One
added 2025/08/05 1:15 p.m.9 views

U.S. Dept Of Defense: CVE‑2025‑4123 — Grafana Open Redirect → Stored XSS → SSRF (Full Read) at ██████

A vulnerability, identified as CVE-2025-4123, was discovered in Grafana OSS and Enterprise versions 8.x through 12.x. The vulnerability allowed unauthenticated attackers to chain multiple flaws, including an open redirect through path traversal in the public redirect handler, stored cross-site...

7.6CVSS6.2AI score0.97999EPSS
Exploits6
Wolfi
Wolfi
added 2025/07/31 1:47 a.m.6 views

GHSA-XFFM-G5W8-QVG7 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2025/07/31 1:17 a.m.6 views

GHSA-XFFM-G5W8-QVG7 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
VulnCheck KEV
VulnCheck KEV
added 2025/07/21 12:0 a.m.12 views

VulnCheck KEV: CVE-2025-4123

A cross-site scripting XSS vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permission...

7.6CVSS6AI score0.97999EPSS
In wildExploits6References91
Wolfi
Wolfi
added 2025/06/11 7:46 p.m.6 views

GHSA-G5HG-P3PH-G8QG vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Wolfi
Wolfi
added 2025/06/11 7:46 p.m.14 views

CVE-2025-48997 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

8.7CVSS7.5AI score0.00368EPSS
Exploits0
Chainguard
Chainguard
added 2025/06/11 7:15 p.m.13 views

CVE-2025-48997 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

8.7CVSS7.5AI score0.00368EPSS
Exploits0
Chainguard
Chainguard
added 2025/06/11 7:15 p.m.10 views

GHSA-G5HG-P3PH-G8QG vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Wolfi
Wolfi
added 2025/05/24 1:45 a.m.12 views

GHSA-4PG4-QVPC-4Q3H vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Wolfi
Wolfi
added 2025/05/24 1:45 a.m.11 views

GHSA-44FP-W29J-9VJ5 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Wolfi
Wolfi
added 2025/05/24 1:45 a.m.19 views

CVE-2025-47935 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5CVSS7.2AI score0.00683EPSS
Exploits0
Wolfi
Wolfi
added 2025/05/24 1:45 a.m.16 views

CVE-2025-47944 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5CVSS7.2AI score0.00697EPSS
Exploits0
Chainguard
Chainguard
added 2025/05/24 1:15 a.m.19 views

CVE-2025-47935 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5CVSS7.8AI score0.00683EPSS
Exploits0
Chainguard
Chainguard
added 2025/05/24 1:15 a.m.22 views

CVE-2025-47944 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5CVSS7.8AI score0.00697EPSS
Exploits0
Chainguard
Chainguard
added 2025/05/24 1:15 a.m.8 views

GHSA-44FP-W29J-9VJ5 vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Chainguard
Chainguard
added 2025/05/24 1:14 a.m.14 views

GHSA-4PG4-QVPC-4Q3H vulnerabilities

Vulnerabilities for packages: grafana-image-renderer...

7.5AI score
Exploits0
Snyk
Snyk
added 2025/05/22 9:33 a.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via a custom loaded frontend plugin. An attacker can execute arbitrary JavaScript on the user's browser by redirecting them to a malicious website hosting the frontend plugin. This does not require editor...

8.8CVSS5.4AI score0.97999EPSS
Exploits6References2
AlpineLinux
AlpineLinux
added 2025/05/22 8:15 a.m.5 views

CVE-2025-4123

A cross-site scripting XSS vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permission...

7.6CVSS5.8AI score0.97999EPSS
Exploits6References2
OSV
OSV
added 2025/05/22 8:15 a.m.5 views

UBUNTU-CVE-2025-4123

A cross-site scripting XSS vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permission...

7.6CVSS7.2AI score0.97999EPSS
Exploits6References3
Rows per page
Query Builder