VDB
BIT-grafana-2022-23552
BIT-grafana-2022-23552
PUBLISHED
CVSS 5.400000095367432 MEDIUM
Grafana stored XSS in FileUploader component
Risk Scores
CVSS v3.1
5.400000095367432
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | grafana | 8.1.0, 9.0.0, 9.3.0 |
Timeline
- Mar 6, 2024 CVE Published
- Oct 14, 2025 CVE Updated
References
- https://github.com/grafana/grafana/commit/1c8a50b36973bd59a1cc5f34c30de8a9a6a431f0 url
- https://github.com/grafana/grafana/commit/8b574e22b53aa4c5a35032a58844fd4aaaa12f5f url
- https://github.com/grafana/grafana/commit/c022534e3848a5d45c0b3face23b43aa44e4400a url
- https://github.com/grafana/grafana/pull/62143 url
- https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv url
- https://security.netapp.com/advisory/ntap-20230302-0008/ url
- https://nvd.nist.gov/vuln/detail/CVE-2022-23552 url