Medium severity6.1NVD Advisory· Published Jun 11, 2018· Updated Jun 17, 2026
CVE-2018-12099
CVE-2018-12099
Description
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/grafana/grafanaGo | < 5.2.0-beta1 | 5.2.0-beta1 |
Affected products
18- ghsa-coords18 versionspkg:golang/github.com/grafana/grafanapkg:rpm/suse/grafana&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/grafana&distro=SUSE%20Enterprise%20Storage%205pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/grafana&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/kafka&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/logstash&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/logstash&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208pkg:rpm/suse/monasca-installer&distro=SUSE%20OpenStack%20Cloud%207pkg:rpm/suse/openstack-monasca-installer&distro=HPE%20Helion%20OpenStack%208pkg:rpm/suse/openstack-monasca-installer&distro=SUSE%20OpenStack%20Cloud%208pkg:rpm/suse/openstack-monasca-installer&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208
< 5.2.0-beta1+ 17 more
- (no CPE)range: < 5.2.0-beta1
- (no CPE)range: < 4.5.1-4.3.1
- (no CPE)range: < 4.6.5-3.10.1
- (no CPE)range: < 4.5.1-1.8.1
- (no CPE)range: < 4.5.1-4.3.1
- (no CPE)range: < 4.5.1-4.3.1
- (no CPE)range: < 0.9.0.1-5.3.1
- (no CPE)range: < 0.10.2.2-5.1
- (no CPE)range: < 0.9.0.1-5.3.1
- (no CPE)range: < 0.9.0.1-5.3.1
- (no CPE)range: < 2.4.1-5.4.1
- (no CPE)range: < 2.4.1-5.1
- (no CPE)range: < 2.4.1-5.4.1
- (no CPE)range: < 2.4.1-5.4.1
- (no CPE)range: < 20180608_12.47-9.1
- (no CPE)range: < 20180622_15.06-3.6.1
- (no CPE)range: < 20180622_15.06-3.6.1
- (no CPE)range: < 20180622_15.06-3.6.1
Patches
Vulnerability mechanics
References
6- github.com/grafana/grafana/pull/11813nvdExploitIssue TrackingPatchThird Party AdvisoryWEB
- github.com/advisories/GHSA-v5gq-qvjq-8p53ghsaADVISORY
- github.com/grafana/grafana/releases/tag/v5.2.0-beta1nvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2018-12099ghsaADVISORY
- security.netapp.com/advisory/ntap-20190416-0004/nvdThird Party Advisory
- security.netapp.com/advisory/ntap-20190416-0004ghsaWEB
News mentions
0No linked articles in our index yet.