3 matches found
CVE-2023-5123
The JSON datasource plugin https://grafana.com/grafana/plugins/marcusolsson-json-datasource/ is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing JSON data from a remote endpoint including a specific sub-path configured by an administrator. Due to inadequate...
CVE-2023-5123 Improper Path Sanitization in JSON Datasource Plugin
The JSON datasource plugin https://grafana.com/grafana/plugins/marcusolsson-json-datasource/ is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing JSON data from a remote endpoint including a specific sub-path configured by an administrator. Due to inadequate...
CVE-2023-5123
CVE-2023-5123 affects the Grafana JSON datasource plugin (Marcus Olsson) used to fetch JSON data from a configured remote endpoint. The root cause is inadequate sanitization of the dashboard-supplied path parameter, allowing path traversal characters (../) to escape the configured sub-path and ta...