What is the vulnerability described in the text?

Grafana backend SQL injection

How can the SQL injection vulnerability be exploited?

By logging in to the Grafana web backend with a valid account and sending a malicious POST request to /api/ds/query with a modified 'rawSql' field

What is the risk level of this vulnerability?


Which versions of Grafana are affected by this vulnerability?

All versions, including the latest

Where is the affected code located?

In the grafana-sql package, in the file grafana/packages/grafana-sql/src/datasource/SqlDatasource.ts

