Grafana: >> Grafana >> 4.4.3 Security Vulnerabilities
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
CVSS Score
6.5
EPSS Score
0.092
Published
2018-12-13
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
CVSS Score
9.8
EPSS Score
0.796
Published
2018-08-29
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
CVSS Score
6.1
EPSS Score
0.007
Published
2018-06-11
Page 4