GHSA-XGX4-2WGV-4JHM PDFME has XSS via Unsanitized i18n Label Injection into innerHTML in multiVariableText propPanel

Summary The multiVariableText property panel in @pdfme/schemas constructs HTML via string concatenation and assigns it to innerHTML using unsanitized i18n label values. An attacker who can control label overrides passed through options.labels can inject arbitrary JavaScript that executes in the...

EUVD-2024-0336

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-18623

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana 5.3.1 has XSS via the Dashboard Text Panel screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099. CVE-2018-18623 Note that...

GO-2022-0342 Grafana XSS in Dashboard Text Panel in github.com/grafana/grafana

Grafana XSS in Dashboard Text Panel in github.com/grafana/grafana...

GHSA-CMQ2-J8V8-2Q44 Grafana XSS in Dashboard Text Panel

Grafana 5.3.1 has XSS via the "Dashboard Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...

Grafana XSS in Dashboard Text Panel

Grafana 5.3.1 has XSS via the "Dashboard Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...

Grafana < 6.0.0 XSS Vulnerability

Grafana is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:grafana:grafana"; i...

FreeBSD : Grafana -- Stored XSS in text panel plugin (6dccc186-b824-11ed-b695-6c3be5272acd)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6dccc186-b824-11ed-b695-6c3be5272acd advisory. - Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal...

UBUNTU-CVE-2023-22462

Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be...

Text panel plugin XSS

Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin “Text”. The stored XSS vulnerability requires several user interactions in order to be...

SUSE CVE-2018-18623

Grafana 5.3.1 has XSS via the "Dashboard Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...

TPEditor Heap Buffer Overflow Vulnerability

TPEditor is programming software for Delta Text Panel running on Windows. TPEditor 1.98.06 and earlier versions are vulnerable to a heap buffer overflow. An attacker can exploit the vulnerability to execute arbitrary code via specially crafted project files...

Delta Electronics TPEditor Buffer Error Vulnerability

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics Taiwan, China. A security vulnerability exists in Delta Electronics TPEditor v1.98 and prior that could allow an attacker to execute code with the privileges of the application...

Delta Electronics TPEditor Buffer Overflow Vulnerability (CNVD-2020-47576)

Delta Electronics TPEditor is a Windows-based Delta text panel programming software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics TPEditor version 1.97 and earlier. The vulnerability can be exploited by an attacker with a specially crafted project fil...

CVE-2018-18623

A flaw was found in grafana. An incomplete fix for CVE-2018-12099 allows for a XSS in the "Dashboard Text Panel" screen...

CVE-2018-18623

Grafana 5.3.1 has XSS via the "Dashboard Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...

UBUNTU-CVE-2018-18623

Grafana 5.3.1 has XSS via the "Dashboard Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...

CVE-2018-18623

Grafana 5.3.1 has XSS via the "Dashboard Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...

CVE-2018-18623

Affected software: Grafana 5.3.1. Vulnerable surface: Dashboard UI panels (Text Panel, and related dashboard elements such as All Panels/General and Table Panel) where XSS can occur. Root cause: an incomplete fix for CVE-2018-12099 led to another XSS condition (CVE-2018-18623). Impact: cross-site...

PT-2020-8637 · Grafana · Grafana

Name of the Vulnerable Software and Affected Versions: Grafana version 5.3.1 Description: The issue is related to an incomplete fix, resulting in a XSS vulnerability via the "Dashboard Text Panel" screen. This allows for potential exploitation. Recommendations: For Grafana version 5.3.1, consider...