CVE-2020-13429

legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option.
References
Link Resource
https://github.com/grafana/piechart-panel/releases/tag/v1.5.0 Release Notes Third Party Advisory
https://github.com/grafana/piechart-panel/issues/218 Issue Tracking Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:grafana:piechart-panel:*:*:*:*:*:grafana:*:*

Information

Published : 2020-05-24 11:15

Updated : 2020-05-26 08:52


NVD link : CVE-2020-13429

Mitre link : CVE-2020-13429


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

grafana

  • piechart-panel