14 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-41174
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grafana (SUSE-SU-2022:4428-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4428-1 advisory. Version update from 8.3.10 to 8.5.13 jscPED-2145: - Security fixes: CVE-2022-36062: bsc1203596...
SUSE: Security Advisory (SUSE-SU-2022:4428-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:2134-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VulnCheck KEV: CVE-2021-41174
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the...
Security fix for the ALT Linux 10 package grafana version 8.5.0-alt1
8.5.0-alt1 built May 5, 2022 Alexey Shabalin in task 299382 April 26, 2022 Alexey Shabalin - 8.5.0 - Use pre-builded frontend - Fixes: + CVE-2022-24812 + CVE-2022-21702 + CVE-2022-21703 + CVE-2022-21713 + CVE-2021-43813 + CVE-2021-43815 + CVE-2021-41244 + CVE-2021-41174...
Grafana Cross-site Scripting (CVE-2021-41174)
A cross-site scripting vulnerability exists in Grafana. The vulnerability is due to insufficient validation of user input in the URI path...
FreeBSD : Grafana -- XSS (4b478274-47a0-11ec-bd24-6c3be5272acd)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4b478274-47a0-11ec-bd24-6c3be5272acd advisory. - Grafana is an open-source platform for monitoring and observability. In affected versions if an...
GHSA-3J9M-HCV9-RPJ8 XSS vulnerability allowing arbitrary JavaScript execution
Today we are releasing Grafana 8.2.3. This patch release includes an important security fix for an issue that affects all Grafana versions from 8.0.0-beta1. Grafana Cloud instances have already been patched and an audit did not find any usage of this attack vector. Grafana Enterprise customers we...
XSS vulnerability allowing arbitrary JavaScript execution
Today we are releasing Grafana 8.2.3. This patch release includes an important security fix for an issue that affects all Grafana versions from 8.0.0-beta1. Grafana Cloud instances have already been patched and an audit did not find any usage of this attack vector. Grafana Enterprise customers we...
CVE-2021-41174
creationtimestamp| type| source ---|---|--- 2021-11-03 21:23:30+00:00| published-proof-of-concept| https://t.me/cibsecurity/31767 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-41174.yaml...
CVE-2021-41174
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the...
CVE-2021-41174
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the...
CVE-2021-41174
Grafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the...