PT-2019-7242 · Grafana · Grafana Piechart-Panel Plugin
Feroz Salamon
·
Publicado
2019-02-06
·
Atualizado
2019-06-11
·
CVE-2015-9282
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
Grafana Pie Chart Panel plugin versions prior to 2019-01-02
Description
The issue allows an attacker to gain remote unauthenticated access to a Grafana dashboard when a chart is included. This is possible due to XSS via legend data or tooltip data.
Recommendations
For versions prior to 2019-01-02, update the Pie Chart Panel plugin to a version released after 2019-01-02 to resolve the issue.
Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Grafana Piechart-Panel Plugin