CVE-2023-3010

Grafana is an open-source platform for monitoring and observability. The WorldMap panel plugin, versions before 1.0.4 contains a DOM XSS vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:grafana:worldmap_panel:*:*:*:*:*:grafana:*:*

History

03 May 2024, 13:15

Type Values Removed Values Added
References
  • () https://security.netapp.com/advisory/ntap-20240503-0001/ -

31 Oct 2023, 18:09

Type Values Removed Values Added
References (MISC) https://grafana.com/security/security-advisories/cve-2023-3010/ - (MISC) https://grafana.com/security/security-advisories/cve-2023-3010/ - Vendor Advisory
First Time Grafana worldmap Panel
Grafana
CWE CWE-79
CPE cpe:2.3:a:grafana:worldmap_panel:*:*:*:*:*:grafana:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1

25 Oct 2023, 18:17

Type Values Removed Values Added
New CVE

Information

Published : 2023-10-25 18:17

Updated : 2024-05-03 13:15


NVD link : CVE-2023-3010

Mitre link : CVE-2023-3010

CVE.ORG link : CVE-2023-3010


JSON object : View

Products Affected

grafana

  • worldmap_panel
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')