2 matches found
Grafana alerting wrong permission on datasource rule write endpoint
In Grafana, the wrong permission is applied to the alert rule write API endpoint, allowing users with permission to write external alert instances to also write alert rules. This vulnerability first appeared in Grafana v8.5.0, and is fixed in v11.2.1, v11.1.6, v11.0.5, v10.4.9, and v10.3.10...
mycapitol.captechu.edu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1007151 Security Researcher devl00p Helped patch 3013 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting mycapitol.captechu.edu...