Affected by GO-2022-0342
and 26 other vulnerabilities
GO-2022-0342 : Grafana XSS in Dashboard Text Panel in github.com/grafana/grafana
GO-2022-0707 : Grafana Authentication Bypass in github.com/grafana/grafana
GO-2024-2483 : Grafana XSS via adding a link in General feature in github.com/grafana/grafana
GO-2024-2510 : Grafana Cross-site Scripting (XSS) in github.com/grafana/grafana
GO-2024-2513 : Grafana information disclosure in github.com/grafana/grafana
GO-2024-2515 : Grafana XSS via the OpenTSDB datasource in github.com/grafana/grafana
GO-2024-2516 : Grafana XSS via a column style in github.com/grafana/grafana
GO-2024-2517 : Grafana XSS in header column rename in github.com/grafana/grafana
GO-2024-2519 : Grafana world readable configuration files in github.com/grafana/grafana
GO-2024-2520 : Grafana XSS via a query alias for the ElasticSearch datasource in github.com/grafana/grafana
GO-2024-2523 : Grafana stored XSS in github.com/grafana/grafana
GO-2024-2629 : Grafana's users with permissions to create a data source can CRUD all data sources in github.com/grafana/grafana
GO-2024-2661 : Arbitrary file read in github.com/grafana/grafana
GO-2024-2697 : Grafana: Users outside an organization can delete a snapshot with its key in github.com/grafana/grafana
GO-2024-2843 : Grafana Email addresses and usernames can not be trusted in github.com/grafana/grafana
GO-2024-2844 : Grafana User enumeration via forget password in github.com/grafana/grafana
GO-2024-2847 : Grafana Escalation from admin to server admin when auth proxy is used in github.com/grafana/grafana
GO-2024-2848 : Grafana when using email as a username can block other users from signing in in github.com/grafana/grafana
GO-2024-2851 : Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins in github.com/grafana/grafana
GO-2024-2852 : Grafana account takeover via OAuth vulnerability in github.com/grafana/grafana
GO-2024-2854 : Grafana folders admin only permission privilege escalation in github.com/grafana/grafana
GO-2024-2855 : Grafana Plugin signature bypass in github.com/grafana/grafana
GO-2024-2856 : Grafana Race condition allowing privilege escalation in github.com/grafana/grafana
GO-2024-2857 : Grafana Stored Cross-site Scripting in Unified Alerting in github.com/grafana/grafana
GO-2024-2867 : Grafana Spoofing originalUrl of snapshots in github.com/grafana/grafana
GO-2024-3079 : Grafana plugin data sources vulnerable to access control bypass in github.com/grafana/grafana
GO-2024-3215 : Grafana Command Injection And Local File Inclusion Via Sql Expressions in github.com/grafana/grafana
Discover Packages
github.com/grafana/grafana
pkg
plugins
manager
loader
assetpath
package
Version:
v0.0.0-kmdagger1
Opens a new window with list of versions in this module.
Published: Jun 8, 2023
License: AGPL-3.0
Opens a new window with license information.
Imports: 7
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
Documentation
¶
Service provides methods for constructing asset paths for plugins.
It supports core plugins, external plugins stored on the local filesystem, and external plugins stored
on the plugins CDN, and it will switch to the correct implementation depending on the plugin and the config.
Base returns the base path for the specified plugin.
Module returns the module.js path for the specified plugin.
RelativeURL returns the relative URL for an arbitrary plugin asset.
If pathStr is an empty string, defaultStr is returned.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.