CVE-2020-24303
N/A
N/A
Summary
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01
- https://github.com/grafana/grafana/pull/25401
- https://security.netapp.com/advisory/ntap-20201123-0002/
References
- https://github.com/grafana/grafana/blob/master/CHANGELOG.md#710-beta-1-2020-07-01
- https://github.com/grafana/grafana/pull/25401
- https://security.netapp.com/advisory/ntap-20201123-0002/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.