Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Hosting

Grafana

The open-source platform for monitoring and observability.

Official Site:

https://grafana.com/get

Severity Summary:

Critical: 7 High: 25 Medium: 38 Low: 4
Reference
Title
Severity
CVE-2020-13379
Grafana Server-Side Request Forgery (SSRF) Vulnerability
High
CVE-2022-21703
Grafana Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2022-39307
Grafana Vulnerability
Medium
CVE-2023-22462
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-23552
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-0507
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-0594
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-1410
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-2801
Grafana Improper Synchronization Vulnerability
Medium
CVE-2023-2183
Grafana Missing Authorization Vulnerability
Medium
CVE-2023-6152
Grafana Incorrect Authorization Vulnerability
Medium
CVE-2025-41117
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2026-21722
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2022-39229
Grafana Improper Authentication Vulnerability
Medium
CVE-2019-19499
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-19039
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-12099
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-12459
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-12458
Grafana Cleartext Storage of Sensitive Information Vulnerability
Medium
CVE-2018-18624
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-12052
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-12245
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-15635
Grafana Insufficiently Protected Credentials Vulnerability
Medium
CVE-2020-24303
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-13068
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1000816
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-35957
Grafana Authentication Bypass by Spoofing Vulnerability
Medium
CVE-2021-28147
Grafana Other Vulnerability
Medium
CVE-2018-18623
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-28146
Grafana Incorrect Authorization Vulnerability
Medium