3 matches found
SUSE CVE-2026-21724
A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.protected:write permission...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the provisioning contact points API. An attacker can modify protected webhook URLs without possessing the required permissions by sending crafted requests as a user with the Editor role. Remediation Upgrade...
UBUNTU-CVE-2026-21724
A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.protected:write permission...