Vulnerabilities > Grafana > Grafana > 7.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-18 | CVE-2021-27358 | The snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to trigger a Denial of Service via a remote API call if a commonly used configuration is set. | 5.0 |
| 2020-12-21 | CVE-2020-27846 | Misinterpretation of Input vulnerability in multiple products A signature verification vulnerability exists in crewjam/saml. | 9.8 |
| 2020-10-28 | CVE-2020-24303 | Cross-site Scripting vulnerability in Grafana Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. | 4.3 |