Vulnerability Database
Blog
FAQ
Docs
GHSA-v5gq-qvjq-8p53
Suggest an improvement
Source
https://github.com/advisories/GHSA-v5gq-qvjq-8p53
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/01/GHSA-v5gq-qvjq-8p53/GHSA-v5gq-qvjq-8p53.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-v5gq-qvjq-8p53
Aliases
CVE-2018-12099
GO-2024-2510
Published
2024-01-31T23:28:40Z
Modified
2024-06-28T15:59:56.841963Z
Severity
6.1 (Medium)
CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVSS Calculator
Summary
Grafana Cross-site Scripting (XSS)
Details
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
References
https://nvd.nist.gov/vuln/detail/CVE-2018-12099
https://github.com/grafana/grafana/pull/11813
https://github.com/grafana/grafana/releases/tag/v5.2.0-beta1
https://security.netapp.com/advisory/ntap-20190416-0004
Affected packages
Go
/
github.com/grafana/grafana
Package
Name
github.com/grafana/grafana
View open source insights on deps.dev
Purl
pkg:golang/github.com/grafana/grafana
Affected ranges
Type
SEMVER
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
5.2.0-beta1
GHSA-v5gq-qvjq-8p53 - OSV