FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Grafana -- DOM XSS vulnerability

Affected packages
11.1.0 <= grafana < 11.2.8+security-01
11.3.0 <= grafana < 11.3.5+security-01
11.4.0 <= grafana < 11.4.3+security-01
11.5.0 <= grafana < 11.5.3+security-01
11.6.0 <= grafana < 11.6.0+security-01

Details

VuXML ID f8b7af82-2116-11f0-8ca6-6c3be5272acd
Discovery 2025-03-14
Entry 2025-04-24

Grafana Labs reports:

An external security researcher responsibly reported a security vulnerability in Grafana’s built-in XY chart plugin that is vulnerable to a DOM XSS vulnerability.

The CVSS score for this vulnerability is 6.8 MEDIUM.

[source]

References

CVE Name CVE-2025-2703
URL https://grafana.com/security/security-advisories/cve-2025-2703/

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.