Grafana · Grafana Piechart-Panel Plugin · CVE-2015-9282
**Name of the Vulnerable Software and Affected Versions**
Grafana Pie Chart Panel plugin versions prior to 2019-01-02
**Description**
The issue allows an attacker to gain remote unauthenticated access to a Grafana dashboard when a chart is included. This is possible due to XSS via legend data or tooltip data.
**Recommendations**
For versions prior to 2019-01-02, update the Pie Chart Panel plugin to a version released after 2019-01-02 to resolve the issue.