Vulnerabilities > Grafana > Grafana > 6.7.5

DATE CVE VULNERABILITY TITLE RISK
2020-06-03 CVE-2020-13379 Server-Side Request Forgery (SSRF) vulnerability in multiple products
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue.
network
low complexity
grafana fedoraproject netapp opensuse CWE-918
8.2
8.2
2020-05-24 CVE-2020-13430 Cross-site Scripting vulnerability in Grafana
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
network
low complexity
grafana CWE-79
6.1
6.1