QID 150644
Date Published: 2023-02-10
QID 150644: Grafana Stored Cross-Site Scripting (XSS) Vulnerability (CVE-2022-23552)
Grafana is a multi-platform open source analytics and interactive visualization web application. It provides charts, graphs, and alerts for the web when connected to supported data sources.
Affected versions of Grafana are vulnerable to a stored XSS vulnerability in the GeoMap core plugin. The vulnerability occurs because SVG files are not properly sanitized, allowing arbitrary JavaScript to be executed in the browser of an authorized user of the Grafana instance.
To exploit this vulnerability, an attacker must have the Editor role and either change a panel to include an external URL to a malicious SVG file or use the data: scheme to load an inline SVG file. This opens the possibility for vertical privilege escalation, where an Editor user can obtain a known password for an Admin user if the Admin user views a dashboard containing the malicious JavaScript.
Affected Versions:
Grafana versions from 8.1.0 to 8.5.16
Grafana versions from 9.0.0 to 9.2.10
Grafana versions from 9.3.0 to 9.3.4
QID Detection Logic:
This QID sends an HTTP GET request, retrieves the version reported by the Grafana instance on the target application, and flags the target when that version falls within one of the affected ranges.
Successful exploitation could allow an attacker to execute arbitrary JavaScript code in the context of the interface or allow the attacker to access sensitive, browser-based information.
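As an added illustration of the version-based check described above (this is not Qualys's detection code), the following Python classifies a Grafana version string against the three affected ranges; the /api/health endpoint and the shape of its JSON body are assumptions, and the sample body is constructed:

```python
"""Offline check of a Grafana version string against the CVE-2022-23552
affected ranges listed in QID 150644 (8.1.0-8.5.16, 9.0.0-9.2.10, 9.3.0-9.3.4)."""
import json
import re
from typing import Optional, Tuple

# Inclusive (first_affected, last_affected) ranges taken from the advisory text.
AFFECTED_RANGES = [
    ((8, 1, 0), (8, 5, 16)),
    ((9, 0, 0), (9, 2, 10)),
    ((9, 3, 0), (9, 3, 4)),
]

# Constructed sample of the JSON body Grafana's /api/health endpoint returns
# (assumption: the endpoint is reachable on the scanned instance and reports "version").
SAMPLE_HEALTH_BODY = '{"commit":"abcdef0","database":"ok","version":"9.2.10"}'

def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Extract major.minor.patch from strings such as '9.2.10', 'v9.3.4' or '9.3.4-beta1'."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)

def is_affected(version: str) -> bool:
    """True when the version lies inside any affected range (bounds inclusive)."""
    v = parse_version(version)
    if v is None:
        return False  # unrecognised format: do not flag; a real scanner would report it separately
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)

def check_health_body(body: str) -> Tuple[Optional[str], bool]:
    """Pull the reported version from a /api/health JSON body and classify it."""
    try:
        version = json.loads(body).get("version")
    except (ValueError, AttributeError):
        return None, False  # not JSON, or JSON that is not an object
    if not isinstance(version, str):
        return None, False
    return version, is_affected(version)

if __name__ == "__main__":
    print(check_health_body(SAMPLE_HEALTH_BODY))  # ('9.2.10', True)
```

Versions at the edges of each range (8.5.16, 9.2.10, 9.3.4) are flagged; the next patch release after each (8.5.17, 9.2.11, 9.3.5) is not.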
CVEs related to QID 150644: CVE-2022-23552 (advisory source: GitHub)