Grafana -- Stored XSS in geomap panel plugin via attribution
Grafana Labs reports:
During an internal audit of Grafana on January 25, a member of the security
team found a stored XSS vulnerability affecting the core geomap plugin.
The stored XSS vulnerability was possible because map attributions weren’t
of the currently authorized user of the Grafana instance.
The CVSS score for this vulnerability is 7.3 High
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright