Security Advisory

CVE-2025-2703

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-23 11:36:02

Last updated 2025-06-10 10:53:48

Assigner GRAFANA

State PUBLISHED

Description

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.

← Browse all CVEs View on cve.org ↗