daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add space and remove tag from non-loading Grafana template

patch-1
Joshua Rogers 2022-12-08 11:40:13 +11:00
parent 94e1e03e55
commit d38ddd1804
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2020/CVE-2020-11110.yaml
View File

@ -1,7 +1,7 @@
id: CVE-2020-11110
info:
name: Grafana <=6.7.1 - Cross-Site Scripting
name: Grafana <= 6.7.1 - Cross-Site Scripting
author: emadshanab
severity: medium
description: Grafana through 6.7.1 contains an unauthenticated stored cross-site scripting vulnerability due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.

2
vulnerabilities/grafana/grafana-file-read.yaml
View File

@ -18,7 +18,7 @@ info:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
tags: grafana,lfi,fuzz
tags: grafana,lfi
requests:
- method: GET