Lucene search
K

4 matches found

OSV
OSV
added 2026/02/20 8:41 a.m.5 views

BIT-GRAFANA-2025-41117 XSS in Grafana Explore stack trace

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

6.8CVSS5.5AI score0.0026EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/13 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2025-41117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious...

6.8CVSS5.4AI score0.0026EPSS
Exploits0References3
OSV
OSV
added 2026/02/12 9:30 a.m.6 views

GHSA-CQP7-WF4C-3XGC Grafana has a Cross-site Scripting issue

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

6.8CVSS5.8AI score0.0026EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2026/02/12 9:30 a.m.12 views

Grafana has a Cross-site Scripting issue

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

6.8CVSS5.8AI score0.0026EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder