Home

CVE-2019-13068

Description

public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).

Risk Information

Base Score
5.4
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
EPSS Score
Exploitation Probability
7.732

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2019-13068 are affected in GrafanaEnterprise 6.2.4Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-335779GrafanaEnterprise (10.3.1)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234