Grafana -- Stored XSS in ResourcePicker component
Grafana Labs reports:
On 2022-12-16 during an internal audit of Grafana, a member of the security
team found a stored XSS vulnerability affecting the core plugin GeoMap.
The stored XSS vulnerability was possible due to SVG-files weren't properly
of the currently authorized user of the Grafana instance.
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright