Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Web Hosting

Grafana

The open-source platform for monitoring and observability.

Official Site:

https://grafana.com/get

Severity Summary:

Critical: 8 High: 28 Medium: 43 Low: 5
Reference
Title
Severity
CVE-2020-12052
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-12245
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-15635
Grafana Insufficiently Protected Credentials Vulnerability
Medium
CVE-2020-24303
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2019-13068
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1000816
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-19039
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2018-12099
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-21713
Grafana Incorrect Authorization Vulnerability
Medium
CVE-2022-39229
Grafana Improper Authentication Vulnerability
Medium
CVE-2020-11110
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-31097
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2022-21702
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-43813
Grafana Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2022-21673
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2021-43815
Grafana Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2021-41174
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2021-28146
Grafana Incorrect Authorization Vulnerability
Medium
CVE-2021-28147
Grafana Other Vulnerability
Medium
CVE-2024-10452
Grafana Authorization Bypass Through User-Controlled Key Vulnerability
Low
CVE-2026-21725
Grafana Time-of-check Time-of-use (TOCTOU) Race Condition Vulnerability
Low
CVE-2022-36062
Grafana Improper Preservation of Permissions Vulnerability
Low
CVE-2026-21727
Grafana Incorrect Permission Assignment for Critical Resource Vulnerability
Low
CVE-2022-39324
Grafana Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Low