3 matches found
grafana: persistent xss in grafana core plugins
A flaw was found in The GeoMap and Canvas plugins of Grafana. The GeoMap and Canvas plugins are core plugins in Grafana, which means that all Grafana instances have GeoMap and Canvas installed. These two plugins are vulnerable to Cross-site scripting, where an attacker with an Editor role can add...
at.ac.ait.lablink.clients:csvclient (>=0.0.1 <=0.0.2), at.ac.ait.lablink.clients:dpbridge (>=0.0.1 <=0.0.3) +302 more potentially affected by CVE-2013-2027 via org.python:jython-standalone (>=2.5.2 <=2.7.2)
org.python:jython-standalone MAVEN version =2.5.2, =0.0.1, =0.0.1, =0.0.1, =0.0.2, =0.0.2, =0.0.1, =0.0.1, =0.1.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =1.0.0, =1.0.0, =1.3.0, =2.1.2 and more Source cves: CVE-2013-2027 Source advisory: OSV:GHSA-9347-9W64-Q5WP...
PT-2019-12702 · Matomo · Matomo
Name of the Vulnerable Software and Affected Versions: Matomo version 3.9.1 Description: A full path disclosure issue was discovered, allowing a user to trigger an error and discover the full path of Matomo on the disk. This occurs because lastError.file is used in...