Vulnerabilities > Grafana > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-14 | CVE-2023-5122 | Server-Side Request Forgery (SSRF) vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 5.3 |
| 2024-02-13 | CVE-2023-6152 | Incorrect Authorization vulnerability in Grafana A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verify_email_enabled" will only validate email only on sign up. | 5.4 |
| 2023-10-25 | CVE-2023-3010 | Cross-site Scripting vulnerability in Grafana Worldmap Panel Grafana is an open-source platform for monitoring and observability. | 6.1 |
| 2023-06-06 | CVE-2023-2183 | Missing Authorization vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 6.4 |
| 2023-06-06 | CVE-2023-2801 | Improper Synchronization vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 5.3 |
| 2023-03-23 | CVE-2023-1410 | Cross-site Scripting vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. | 4.8 |
| 2023-03-02 | CVE-2023-22462 | Cross-site Scripting vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 5.4 |
| 2023-03-01 | CVE-2023-0507 | Cross-site Scripting vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 5.4 |
| 2023-03-01 | CVE-2023-0594 | Cross-site Scripting vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 5.4 |
| 2023-01-27 | CVE-2022-23552 | Cross-site Scripting vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. | 5.4 |