CVE-2019-13068

public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).
Configurations

Configuration 1 (hide)

cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*

History

27 Mar 2023, 18:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/171500/Grafana-6.2.4-HTML-Injection.html -

Information

Published : 2019-06-30 00:15

Updated : 2023-12-10 12:59


NVD link : CVE-2019-13068

Mitre link : CVE-2019-13068

CVE.ORG link : CVE-2019-13068


JSON object : View

Products Affected

grafana

  • grafana
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')