Noasand

Name of the Vulnerable Software and Affected Versions: Grafana version 5.3.1 Description: The issue is related to an incomplete fix, resulting in a XSS vulnerability via the "Dashboard > Text Panel" screen. This allows for potential exploitation. Recommendations: For Grafana version 5.3.1, consider disabling the Text Panel feature in the Dashboard as a temporary workaround until a patch is available. Restrict access to the Dashboard to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Grafana versions prior to 7.0.0 Grafana version 5.3.1 Description: The issue is related to a XSS vulnerability via a column style on the "Dashboard > Table Panel" screen. This problem exists due to an incomplete fix for a previous issue. Recommendations: For Grafana version 5.3.1, consider updating to a version later than 5.3.1 to resolve the issue. For Grafana versions prior to 7.0.0, update to version 7.0.0 or later to fix the vulnerability. As a temporary workaround, consider restricting access to the "Dashboard > Table Panel" screen until a patch is available.

Name of the Vulnerable Software and Affected Versions: Grafana version 5.3.1 Description: The issue is related to an incomplete fix, resulting in a cross-site scripting (XSS) vulnerability. This can be exploited via a link on the "Dashboard > All Panels > General" screen or by adding a link in the General feature. Recommendations: For Grafana version 5.3.1, consider disabling the General feature in the Dashboard until a patch is available to prevent potential exploitation of the XSS vulnerability.