Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Grafana Incorrect Authorization Vulnerability - CVE-2023-6152 - Vulnerability Database
Grafana

Grafana Incorrect Authorization Vulnerability - CVE-2023-6152

Medium
Reference: CVE-2023-6152
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-6152
Title: Grafana Incorrect Authorization Vulnerability
Overview:

A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option quotverify_email_enabledquot will only validate email only on sign up.