Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where the payload was previously inserted..
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Grafana 跨站脚本漏洞
Vulnerability Description
Grafana是一套提供可视化监控界面的开源监控工具。该工具主要用于监控和分析Graphite、InfluxDB和Prometheus等。 Grafana 5.2.4版本和5.3.0版本中的Influxdb and Graphite查询编辑器存在跨站脚本漏洞。远程攻击者可借助input字段利用该漏洞在用户浏览器中执行任意JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A