Nixpkgs Security Tracker

Untriaged

Permalink CVE-2023-22462

6.4 MEDIUM

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): NONE

created 2 months ago

Stored XSS in Grafana Text plugin

Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be fully exploited. The vulnerability was possible due to React's render cycle that will pass though the unsanitized HTML code, but in the next cycle the HTML is cleaned up and saved in Grafana's database. An attacker needs to have the Editor role in order to change a Text panel to include JavaScript. Another user needs to edit the same Text panel, and click on "Markdown" or "HTML" for the code to be executed. This means that vertical privilege escalation is possible, where a user with Editor role can change to a known password for a user having Admin role if the user with Admin role executes malicious JavaScript viewing a dashboard. This issue has been patched in versions 9.2.10 and 9.3.4.

References

https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf x_refsource_CONFIRM
https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 x_refsource_MISC
https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ x_refsource_MISC
https://security.netapp.com/advisory/ntap-20230413-0004/
https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf x_refsource_CONFIRM x_transferred
https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 x_refsource_MISC x_transferred
https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ x_refsource_MISC x_transferred
https://security.netapp.com/advisory/ntap-20230413-0004/ x_transferred
https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf x_refsource_CONFIRM
https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 x_refsource_MISC
https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ x_refsource_MISC
https://security.netapp.com/advisory/ntap-20230413-0004/
https://security.netapp.com/advisory/ntap-20230413-0004/ x_transferred
https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf x_refsource_CONFIRM x_transferred
https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 x_refsource_MISC x_transferred
https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ x_refsource_MISC x_transferred
https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf x_refsource_CONFIRM
https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 x_refsource_MISC
https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ x_refsource_MISC
https://security.netapp.com/advisory/ntap-20230413-0004/
https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ x_refsource_MISC x_transferred
https://security.netapp.com/advisory/ntap-20230413-0004/ x_transferred
https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf x_refsource_CONFIRM x_transferred
https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 x_refsource_MISC x_transferred
https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf x_refsource_CONFIRM
https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 x_refsource_MISC
https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ x_refsource_MISC
https://security.netapp.com/advisory/ntap-20230413-0004/
https://github.com/grafana/grafana/security/advisories/GHSA-7rqg-hjwc-6mjf x_refsource_CONFIRM x_transferred
https://github.com/grafana/grafana/commit/db83d5f398caffe35c5846cfa7727d1a2a414165 x_refsource_MISC x_transferred
https://grafana.com/blog/2023/02/28/grafana-security-release-new-versions-with-security-fixes-for-cve-2023-0594-cve-2023-0507-and-cve-2023-22462/ x_refsource_MISC x_transferred
https://security.netapp.com/advisory/ntap-20230413-0004/ x_transferred

Affected products

grafana

==>= 9.3, < 9.3.4
==>= 9.2, < 9.2.10

Matching in nixpkgs

pkgs.grafana

Gorgeous metric viz, dashboards & editors for Graphite, InfluxDB & OpenTSDB

nixos-unstable 12.3.0
- nixpkgs-unstable 12.3.0
- nixos-unstable-small 12.3.0

pkgs.grafanactl

Tool designed to simplify interaction with Grafana instances

nixos-unstable 0.1.7
- nixpkgs-unstable 0.1.7
- nixos-unstable-small 0.1.7

pkgs.mcp-grafana

MCP server for Grafana

nixos-unstable 0.7.9
- nixpkgs-unstable 0.7.9
- nixos-unstable-small 0.7.9

pkgs.grafana-loki

Like Prometheus, but for logs

nixos-unstable 3.5.8
- nixpkgs-unstable 3.5.8
- nixos-unstable-small 3.5.8

pkgs.grafana-alloy

Open source OpenTelemetry Collector distribution with built-in Prometheus pipelines and support for metrics, logs, traces, and profiles

nixos-unstable 1.11.3
- nixpkgs-unstable 1.11.3
- nixos-unstable-small 1.11.3

pkgs.grafana-kiosk

Kiosk Utility for Grafana

nixos-unstable 1.0.10
- nixpkgs-unstable 1.0.10
- nixos-unstable-small 1.0.10

pkgs.grafana-to-ntfy

Grafana-to-ntfy (ntfy.sh) alerts channel

nixos-unstable 0-unstable-2025-01-25
- nixpkgs-unstable 0-unstable-2025-01-25
- nixos-unstable-small 0-unstable-2025-01-25

pkgs.grafana-dash-n-grab

Grafana Dash-n-Grab (gdg) -- backup and restore Grafana dashboards, datasources, and other entities

nixos-unstable 0.8.1
- nixpkgs-unstable 0.8.1
- nixos-unstable-small 0.8.1

pkgs.grafana-image-renderer

Grafana backend plugin that handles rendering of panels & dashboards to PNGs using headless browser (Chromium/Chrome)

nixos-unstable 5.0.10
- nixpkgs-unstable 5.0.10
- nixos-unstable-small 5.0.10

pkgs.dhallPackages.dhall-grafana

None

nixos-unstable 49a3ee4801cf64f479e3f0bad839a5dd8e5b4932
- nixpkgs-unstable 49a3ee4801cf64f479e3f0bad839a5dd8e5b4932
- nixos-unstable-small 49a3ee4801cf64f479e3f0bad839a5dd8e5b4932

pkgs.terraform-providers.grafana

None

pkgs.python312Packages.grafanalib

Library for building Grafana dashboards

nixos-unstable 0.7.1
- nixpkgs-unstable 0.7.1
- nixos-unstable-small 0.7.1

pkgs.python313Packages.grafanalib

Library for building Grafana dashboards

nixos-unstable 0.7.1
- nixpkgs-unstable 0.7.1
- nixos-unstable-small 0.7.1

pkgs.haskellPackages.amazonka-grafana

Amazon Managed Grafana SDK

nixos-unstable 2.0-unstable-2025-04-16
- nixpkgs-unstable 2.0-unstable-2025-04-16
- nixos-unstable-small 2.0-unstable-2025-04-16

pkgs.grafanaPlugins.grafana-oncall-app

Developer-friendly incident response for Grafana

nixos-unstable 1.16.6
- nixpkgs-unstable 1.16.6
- nixos-unstable-small 1.16.6

pkgs.grafanaPlugins.grafana-clock-panel

Clock panel for Grafana

nixos-unstable 2.1.9
- nixpkgs-unstable 2.1.9
- nixos-unstable-small 2.1.9

pkgs.terraform-providers.grafana_grafana

None

nixos-unstable 4.17.0
- nixpkgs-unstable 4.17.0
- nixos-unstable-small 4.17.0

pkgs.grafanaPlugins.grafana-pyroscope-app

Integrate seamlessly with Pyroscope, the open-source continuous profiling platform, providing a smooth, query-less experience for browsing and analyzing profiling data