CVE-2018-18623

CVE-2018-18623

EPSS 1.8%

Grafana 5.3.1 has XSS via the "Dashboard > Text Panel" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/grafana/grafana/issues/15293 https://github.com/grafana/grafana/pull/11813 https://github.com/grafana/grafana/releases/tag/v6.0.0 https://security.netapp.com/advisory/ntap-20200608-0008/