Vulnerabilities > Grafana > Grafana > 9.3.6

DATE CVE VULNERABILITY TITLE RISK
2024-03-07 CVE-2024-1442 Unspecified vulnerability in Grafana
A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.
network
low complexity
grafana
8.8
2023-06-06 CVE-2023-2183 Missing Authorization vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-862
6.4
2023-04-26 CVE-2023-1387 Unspecified vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana
7.5
2023-03-23 CVE-2023-1410 Cross-site Scripting vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.  Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip.
network
low complexity
grafana CWE-79
4.8
2023-03-01 CVE-2023-0507 Cross-site Scripting vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-79
5.4
2023-03-01 CVE-2023-0594 Cross-site Scripting vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-79
5.4