CVE-2018-11651
Graylog before v2.4.4 is affected by an XSS vulnerability due to unescaped text in dashboard names, specifically in dashboard-related UI components (Dashboard.jsx, EditDashboardModal.jsx) and ShowDashboardPage.jsx. The issue enables script execution when dashboard names contain malicious content....