Vulnerabilities > Grafana

DATE	CVE	VULNERABILITY TITLE	RISK
2018-12-20	CVE-2018-1000816	Cross-site Scripting vulnerability in Grafana 5.2.4/5.3.0 Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. network grafana CWE-79	3.5
2018-12-13	CVE-2018-19039	Information Exposure vulnerability in multiple products Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions. network low complexity grafana redhat netapp CWE-200	4.0
2018-08-29	CVE-2018-15727	Improper Authentication vulnerability in multiple products Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. network low complexity grafana redhat CWE-287	7.5
2018-06-11	CVE-2018-12099	Cross-site Scripting vulnerability in multiple products Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. network grafana netapp CWE-79	4.3

Vulnerabilities > Grafana {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Grafana"}]}