CVE-2022-39324Cross-site Scripting in Grafana

CWE-79Cross-site ScriptingCWE-472External Control of Assumed-Immutable Web ParameterCWE-1220Insufficient Granularity of Access ControlCWE-863Incorrect Authorization8 documents5 sources
Severity
3.5LOWNVD
CNA6.7
EPSS
0.2%
top 63.79%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
GrafanaGithub.com Grafana Grafana
Timeline
PublishedJan 27
Latest updateJul 2

Description

Grafana is an open-source platform for monitoring and observability. Prior to versions 8.5.16 and 9.2.8, malicious user can create a snapshot and arbitrarily choose the `originalUrl` parameter by editing the query, thanks to a web proxy. When another user opens the URL of the snapshot, they will be presented with the regular web interface delivered by the trusted Grafana server. The `Open original dashboard` button no longer points to the to the real original dashboard but to the attacker’s inje

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:NExploitability: 2.1 | Impact: 1.4

Affected Packages3 packages

CVEListV5grafana/grafana< 8.5.16+1
NVDgrafana/grafana9.0.09.2.8+1
Gogithub.com/grafana_grafana9.0.09.2.8+1

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

6
GHSA
aimeos/ai-admin-graphql improper access control vulnerability allows editors to manage own services2024-07-02
OSV
Grafana Spoofing originalUrl of snapshots in github.com/grafana/grafana2024-06-05
GHSA
Grafana Spoofing originalUrl of snapshots2024-05-14
OSV
Grafana Spoofing originalUrl of snapshots2024-05-14
CVEList
Grafana vulnerable to spoofing originalUrl of snapshots2023-01-27

📋Vendor Advisories

1
Red Hat
grafana: Spoofing of the originalUrl parameter of snapshots2023-01-30
CVE-2022-39324 — Cross-site Scripting in Grafana | cvebase