legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option.
References
Link | Resource |
---|---|
https://github.com/grafana/piechart-panel/releases/tag/v1.5.0 | Release Notes Third Party Advisory |
https://github.com/grafana/piechart-panel/issues/218 | Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2020-05-24 11:15
Updated : 2020-05-26 08:52
NVD link : CVE-2020-13429
Mitre link : CVE-2020-13429
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
grafana
- piechart-panel