CVE-2019-15635
CVE-2019-15635 affects Grafana 5.4.0: passwords for data sources (e.g., MySQL) are stored unencrypted and can be exposed. An admin can reveal these credentials by using the Save and test button in a data source’s settings, watching the traffic, or using the browser’s Show password option. The con...