CVE-2018-18902
Grafana (singlestat panel) is vulnerable to cross-site scripting (XSS) because the prefix and postfix fields are not properly sanitized, allowing an attacker to inject and execute arbitrary JavaScript in a victim’s browser. The connected Veracode entry confirms the XSS issue but provides no explo...