Grafana 11.4.x < 11.4.6 Multiples Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is prior to 11.3.8, or 11.4.x prior to 11.4.6, or 11.5.x prior to 11.5.6, or 11.6.x prior to 11.6.3, or 12.0.x prior to 12.0.2, or 12.1.x prior to 12.1.2. It is, therefore, affected by multiples vulnerabilities....

Grafana 11.5.x < 11.5.6 Multiples Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is prior to 11.3.8, or 11.4.x prior to 11.4.6, or 11.5.x prior to 11.5.6, or 11.6.x prior to 11.6.3, or 12.0.x prior to 12.0.2, or 12.1.x prior to 12.1.2. It is, therefore, affected by multiples vulnerabilities....

Grafana 12.0.x < 12.0.2 Multiples Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is prior to 11.3.8, or 11.4.x prior to 11.4.6, or 11.5.x prior to 11.5.6, or 11.6.x prior to 11.6.3, or 12.0.x prior to 12.0.2, or 12.1.x prior to 12.1.2. It is, therefore, affected by multiples vulnerabilities....

Grafana 12.1.x < 12.1.2 Multiples Vulnerabilities

According to its self-reported version, the Grafana install hosted on the remote host is prior to 11.3.8, or 11.4.x prior to 11.4.6, or 11.5.x prior to 11.5.6, or 11.6.x prior to 11.6.3, or 12.0.x prior to 12.0.2, or 12.1.x prior to 12.1.2. It is, therefore, affected by multiples vulnerabilities....

Grafana Cross-Site-Scripting (XSS) via scripted dashboards

An open redirect vulnerability has been identified in Grafana that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01,...