HTML Injection in Panel Drilldown Links in Grafana before 6.2.5

CVE-2019-13068 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).

Learn more about our Web Application Penetration Testing UK.