Description
Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.
Remediation
References
Related Vulnerabilities
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-26268)
Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381)
PostgreSQL Improper Input Validation Vulnerability (CVE-2019-10211)
MediaWiki Other Vulnerability (CVE-2012-5395)
WordPress Plugin NextGEN Gallery-WordPress Gallery Multiple Vulnerabilities (2.0.77)