Lucene search
+L

8 matches found

nessus
nessus
added 2025/09/02 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-0594

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view...

7.3CVSS7AI score0.09216EPSS
Exploits0References2
nessus
nessus
added 2023/11/06 12:0 a.m.29 views

FreeBSD : Grafana -- Stored XSS in TraceView panel (e7841611-b808-11ed-b695-6c3be5272acd)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e7841611-b808-11ed-b695-6c3be5272acd advisory. - Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch,...

7.3CVSS7.2AI score0.09216EPSS
Exploits0References3
ibm
ibm
added 2023/11/01 7:59 p.m.25 views

Security Bulletin: IBM Storage Ceph is vulnerable to Cross-site Scripting in Grafana (CVE-2023-0594)

Summary Grafana is used by IBM Storage Ceph as part of the dashboard to monitor the stats for each cluster. CVE-2023-0594 Vulnerability Details CVEID: CVE-2023-0594 DESCRIPTION: Grafana is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the TraceView...

7.3CVSS6AI score0.09216EPSS
Exploits0Affected Software1
nessus
nessus
added 2023/04/20 12:0 a.m.78 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : grafana (SUSE-SU-2023:1904-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1904-1 advisory. - Security issues fixed: CVE-2023-1410: Fix XSS in Graphite functions tooltip bsc1209645...

7.3CVSS6.8AI score0.1546EPSS
Exploits1References10
osv
osv
added 2023/04/19 3:8 a.m.6 views

SUSE-SU-2023:1902-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: grafana version update from 8.5.20 to 8.5.22: - Security issues fixed: CVE-2023-1410: Fix XSS in Graphite functions tooltip bsc1209645 CVE-2023-0507: Apply attribute sanitation to GeomapPanel bsc1208821 CVE-2023-0594: Avoid storing XSS in TraceView panel...

7.3CVSS6.3AI score0.1546EPSS
Exploits1References7
redhatcve
redhatcve
added 2023/03/01 6:30 p.m.75 views

CVE-2023-0594

A flaw was found in the grafana package. This flaw allows a malicious user with the ability to introduce trace data to provide a JavaScript that changes the password for the user viewing the trace view this could be an admin to a known password, thus gaining access to the admin account. Mitigatio...

7.3CVSS5.4AI score0.09216EPSS
Exploits0References4
cgr
cgr
added 2023/03/01 4:15 p.m.420 views

CVE-2023-0594 vulnerabilities

Vulnerabilities for packages: grafana...

7.3CVSS5.8AI score0.09216EPSS
Exploits0
vulnrichment
vulnrichment
added 2023/03/01 3:36 p.m.8 views

CVE-2023-0594

Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this...

7.3CVSS6.5AI score0.09216EPSS
Exploits0References1
Rows per page
Query Builder