4 matches found
GO-2026-5409 Grafana: SQL Expressions Read File From Disk in github.com/grafana/grafana
Grafana: SQL Expressions Read File From Disk in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please...
GO-2025-3843 Grafana Infinity Datasource Plugin SSRF Vulnerability in github.com/grafana/grafana-infinity-datasource
Grafana Infinity Datasource Plugin SSRF Vulnerability in github.com/grafana/grafana-infinity-datasource...
Privilege Escalation
github.com/grafana/grafana, is vulnerable to privilege escalation. The vulnerability exists due to the race condition in the authentication middlewares logic, allowing an attacker to query an administration endpoint under a heavy load...
Cross-site Scripting (XSS)
github.com/grafana/grafana is vulnerable to cross-site scripting XSS attacks. The alertSrv function accepts html in the message alerts, allowing a malicious user to inject and execute arbitrary script...