Early Access — Mondoo Vulnerability Intelligence is currently in preview.
An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than the one specified in the URL
Exploitability
AV:NAC:HPR:NUI:RScope
S:UImpact
C:LI:LA:N4.2/CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:NInput Validation