FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-23 14:57:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
ecffb881-a7a7-11ed-8d6a-6c3be5272acd	Grafana -- Stored XSS in ResourcePicker component Grafana Labs reports: On 2022-12-16 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible due to SVG-files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance. Discovery 2022-12-16 Entry 2023-02-09 grafana ge 8.1.0 lt 8.5.16 ge 9.0.0 lt 9.2.10 ge 9.3.0 lt 9.3.4 grafana8 ge 8.1.0 lt 8.5.16 grafana9 ge 9.0.0 lt 9.2.10 ge 9.3.0 lt 9.3.4 CVE-2022-23552 https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv

VuXML ID

Description

ecffb881-a7a7-11ed-8d6a-6c3be5272acd

Grafana -- Stored XSS in ResourcePicker component

Grafana Labs reports:

On 2022-12-16 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin GeoMap.

The stored XSS vulnerability was possible due to SVG-files weren't properly sanitized and allowed arbitrary JavaScript to be executed in the context of the currently authorized user of the Grafana instance.

Discovery 2022-12-16
Entry 2023-02-09
grafana

ge 8.1.0 lt 8.5.16

ge 9.0.0 lt 9.2.10

ge 9.3.0 lt 9.3.4

grafana8

ge 8.1.0 lt 8.5.16

grafana9

ge 9.0.0 lt 9.2.10

ge 9.3.0 lt 9.3.4

CVE-2022-23552
https://github.com/grafana/grafana/security/advisories/GHSA-8xmm-x63g-f6xv