Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on "Markdown" or "HTML" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 9.2.10, or 9.3.x earlier than 9.3.4. It is, therefore, affected by a cross-site scripting vulnerability.

Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported version number.

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available.

  - Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal     audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin     Text. The stored XSS vulnerability requires several user interactions in order to be fully exploited.
    The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML     code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to     have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the     same Text panel, and click on Markdown or HTML for the code to be executed. This means that vertical     privilege escalation is possible, where a user with Editor role can change to a known password for a user     having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This     issue has been patched in versions 9.2.10 and 9.3.4. (CVE-2023-22462)

Note that Nessus relies on the presence of the package as reported by the vendor.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6dccc186-b824-11ed-b695-6c3be5272acd advisory.

  - Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal     audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin     Text. The stored XSS vulnerability requires several user interactions in order to be fully exploited.
    The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML     code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to     have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the     same Text panel, and click on Markdown or HTML for the code to be executed. This means that vertical     privilege escalation is possible, where a user with Editor role can change to a known password for a user     having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This     issue has been patched in versions 9.2.10 and 9.3.4. (CVE-2023-22462)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
114865	Grafana 9.3.x < 9.3.4 Cross-site Scripting	Web App Scanning	Component Vulnerability	medium
114864	Grafana < 9.2.10 Cross-site Scripting	Web App Scanning	Component Vulnerability	medium
225999	Linux Distros Unpatched Vulnerability : CVE-2023-22462	Nessus	Misc.	medium
172084	FreeBSD : Grafana -- Stored XSS in text panel plugin (6dccc186-b824-11ed-b695-6c3be5272acd)	Nessus	FreeBSD Local Security Checks	medium

Detections

Analytics

CVE-2023-22462

medium

Tenable Plugins

medium

medium

medium

medium