4 matches found
Exploit for Path Traversal in Grafana
CVE-2021-43798 CVE-2021-43798 is a high-severity path traversa...
SUSE CVE-2025-47943
Gogs is an open source self-hosted Git service. In application version 0.14.0+dev and prior, there is a stored cross-site scripting XSS vulnerability present in Gogs, which allows client-side Javascript code execution. The vulnerability is caused by the usage of a vulnerable and outdated componen...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the pdfjs-1.4.20 component under public/plugins/. An attacker can execute arbitrary JavaScript code in the context of the user's browser by injecting malicious scripts into PDF files rendered by the...
PT-2021-7636
Name of the Vulnerable Software and Affected Versions Grafana versions 8.0.0-beta1 through 8.3.0 Description Grafana is vulnerable to a directory traversal vulnerability, allowing attackers to access local files. The vulnerable URL path is: /public/plugins//, where is the plugin ID for any...