Unrated severityNVD Advisory· Published May 24, 2020· Updated Aug 4, 2024
CVE-2020-13429
CVE-2020-13429
Description
legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option.
Affected products
6- Grafana/piechart-paneldescription
- Range: <1.5.0
- osv-coords4 versionspkg:rpm/opensuse/grafana-piechart-panel&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/grafana-piechart-panel&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/grafana-piechart-panel&distro=openSUSE%20Tumbleweedpkg:rpm/suse/grafana-piechart-panel&distro=SUSE%20Enterprise%20Storage%206
< 1.6.1-lp152.2.6.1+ 3 more
- (no CPE)range: < 1.6.1-lp152.2.6.1
- (no CPE)range: < 1.6.1-3.6.1
- (no CPE)range: < 1.6.1-2.2
- (no CPE)range: < 1.6.1-3.3.1
Patches
Vulnerability mechanics
References
2- github.com/grafana/piechart-panel/issues/218mitrex_refsource_MISC
- github.com/grafana/piechart-panel/releases/tag/v1.5.0mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.