0.001 Low
EPSS
Percentile
30.1%
github.com/grafana/grafana is vulnerable to arbitrary file read. Lack of proper handling of MySQL data source connection string allows an authenticated user having privilege to modify the configuration to read arbitrary files.
github.com/grafana/grafana/blob/master/CHANGELOG.md#644-2019-11-06
github.com/grafana/grafana/pull/20192
security.netapp.com/advisory/ntap-20200918-0003/
swarm.ptsecurity.com/grafana-6-4-3-arbitrary-file-read/