VDB
BDU%3A2020-03230
BDU%3A2020-03230
PUBLISHED
CVSS 6.400000095367432 MEDIUM
Уязвимость компонентов column.title и cellLinkTooltip веб-инструмента представления данных Grafana, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)
Risk Scores
CVSS 2.0
6.400000095367432
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat Inc., Novell Inc., Grafana Labs | Red Hat Enterprise Linux, Red Hat Storage, OpenSUSE Leap, Grafana, Openshift Service Mesh |
Timeline
- Jul 9, 2020 CVE Published
- Mar 19, 2026 Security Advisory
References
- https://github.com/grafana/grafana/pull/23816 url
- https://github.com/grafana/grafana/blob/master/CHANGELOG.md#673-2020-04-23 url
- https://lists.opensuse.org/opensuse-security-announce/2020-06/msg00060.html url
- https://access.redhat.com/security/cve/cve-2020-12245 url
- https://nvd.nist.gov/vuln/detail/CVE-2020-12245 url
- https://community.grafana.com/t/release-notes-v6-7-x/27119 url