Lucene search
K

5 matches found

Tenable Nessus
Tenable Nessus
added 2025/07/04 12:0 a.m.3 views

Grafana Labs 11.1.0 < 11.2.8+security-01, 11.3.5+security-01, 11.4.3+security-01, 11.5.3+security-01, 11.6.0+security-01 XSS (CVE-2025-2703)

The version of Grafana Labs installed on the remote host is affected by cross-site scripting vulnerability as referenced in the CVE-2025-2703 advisory. - The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order t...

6.8CVSS6.2AI score0.13697EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2025/06/18 2:12 a.m.3 views

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 10.4.15 to 11.5.5 jscPED-12918: Security issues fixed: CVE-2025-4123: Fix cross-site scripting vulnerability bsc1243714. CVE-2025-22872: Bump golang.org/x/net/html bsc1241809 CVE-2025-3580: Prevent unauthorized...

9.9CVSS7.3AI score0.97809EPSS
Exploits19References42
Cvelist
Cvelist
added 2025/04/23 11:36 a.m.68 views

CVE-2025-2703

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...

6.8CVSS0.13697EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/23 10:43 a.m.17 views

CVE-2025-2703

A DOM-based Cross-site scripting vulnerability exists in Grafana's built-in XY Chart plugin. This flaw allows an attacker with editor-level privileges to inject and execute arbitrary JavaScript code by editing an XY Chart Panel. The vulnerability bypasses the Content Security Policy, allowing the...

6.4CVSS6.8AI score0.13697EPSS
Exploits0References3
Circl
Circl
added 2025/04/23 8:30 a.m.43 views

CVE-2025-2703

creationtimestamp| type| source ---|---|--- 2025-04-23 08:30:30+00:00| seen| https://bsky.app/profile/grafana.bsky.social/post/3lnhroytxvs2w 2025-04-23 10:38:14+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3lnhytg4c222p 2025-04-23 12:19:33+00:00| seen|...

6.8CVSS6.6AI score0.13697EPSS
Exploits0References11
Rows per page
Query Builder