CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-18625

Grafana 5.3.1 has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.008

EPSS Ranking 73.6%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://github.com/grafana/grafana/pull/11813
https://security.netapp.com/advisory/ntap-20200608-0008/
https://github.com/grafana/grafana/pull/11813
https://security.netapp.com/advisory/ntap-20200608-0008/

Products affected by CVE-2018-18625

Grafana » Grafana » Version: 5.3.1

cpe:2.3:a:grafana:grafana:5.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-18625

Products

Pricing

Contact Us