CVE-2021-43813 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Directory traversal |
Description | A security issue has been found in Grafana before version 8.3.2 through which authenticated users could read out fully lowercase or fully uppercase .md files through directory traversal. The vulnerable URL path is: /api/plugins/.*/markdown/.* for .md files. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2609 | grafana | 8.3.0-1 | 8.3.1-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
11 Dec 2021 | ASA-202112-11 | AVG-2609 | grafana | High | directory traversal |