Veracode Vulnerability Database: VERACODE:41736
History: Jul 26, 2023 - 11:27 a.m.

Stored XSS

Source: sca.analysiscenter.veracode.com
Tags: grafana, stored xss, vulnerability, javascript, privilege escalation, svg, admin role

CVSS3: 7.3 High

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: NONE

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N

EPSS: 0.002 Low
EPSS Percentile: 52.8%

Grafana is vulnerable to Stored XSS. The vulnerability is due to Grafana not sanitizing SVG image output before it is displayed in the browser, which allows arbitrary JavaScript to execute in the context of the currently authorized user. An attacker with the Editor role can achieve vertical privilege escalation by uploading an SVG file (referenced via an external URL or embedded inline via the data: scheme) containing malicious JavaScript, which is executed when a user with the Admin role views the dashboard. This can allow an attacker with the Editor role to change the admin password to a value known to the attacker.
