
CVE-2018-18625: Grafana XSS via adding a link in General feature

CVSS Score (v3.1): 6.1

Basic Information

EPSS Score: 0.73489%
Published: 1/30/2024
Updated: 1/30/2024
KEV Status: No
Technology: Go

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Package Name               | Ecosystem | Vulnerable Versions | First Patched Version
github.com/grafana/grafana | go        | < 6.0.0-beta1       | 6.0.0-beta1

Vulnerability Intelligence

Root Cause Analysis

The XSS vulnerability arises from insufficient URL encoding in the TemplateSrv.formatValue method when it processes the 'urlescape' or 'percentencode' formats. The 'urlescape' case used the legacy escape() function, which leaves several URL-significant characters unencoded, and 'percentencode' used a custom encodeURIQueryValue method that did not encode all characters either. Both paths take user-controlled template variable values and return insufficiently escaped strings; when those strings are rendered into links, the unencoded characters allow XSS. The patches replaced both paths with proper encoding via encodeURIComponentStrict, which confirms that the original functions were the vulnerable ones.
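The contrast described above, as an added example that is not Grafana's own code: the legacy escape()-based 'urlescape' output beside a strict percent-encoder of the kind the fix introduced, plus a check a defender can use to catch under-encoded link values. encodeURIComponentStrict here follows the MDN "fixedEncodeURIComponent" pattern; that Grafana's helper of the same name is implemented exactly this way is an assumption, and formatValue is a stand-in that models only the 'urlescape' branch.

```javascript
// Added example (not Grafana's code). Sample values below are constructed.

// RFC 3986 reserved characters: any of these left bare in a value that is
// interpolated into a link can change how the resulting URL is parsed.
const RESERVED = ":/?#[]@!$&'()*+,;=";

// Pre-fix 'urlescape': the deprecated global escape(). It leaves @ * / +
// unencoded and emits non-standard %uXXXX sequences for non-Latin-1 text.
function legacyUrlEscape(value) {
  return escape(value);
}

// Post-fix style (assumed shape): encodeURIComponent plus the five
// characters it leaves bare, following the MDN fixedEncodeURIComponent idiom.
function encodeURIComponentStrict(value) {
  return encodeURIComponent(value).replace(/[!'()*]/g,
    (c) => '%' + c.charCodeAt(0).toString(16).toUpperCase());
}

// Stand-in for the 'urlescape' branch of TemplateSrv.formatValue; `fixed`
// selects the pre- or post-patch encoder.
function formatValue(value, format, fixed) {
  if (format !== 'urlescape') throw new Error('only urlescape is modelled');
  return fixed ? encodeURIComponentStrict(value) : legacyUrlEscape(value);
}

// Lists reserved characters that survive encoding, i.e. what an untrusted
// variable value could still place verbatim into a link.
function unencodedReserved(encoded) {
  return [...new Set([...encoded].filter((c) => RESERVED.includes(c)))];
}

// Regression-style check: output must consist solely of RFC 3986 unreserved
// characters and well-formed %XX escapes (no bare reserved chars, no %uXXXX).
function isStrictlyEncoded(encoded) {
  return /^(?:[A-Za-z0-9\-._~]|%[0-9A-Fa-f]{2})*$/.test(encoded);
}

// Constructed sample values exercising reserved chars, sub-delims and UTF-8.
const samples = ['a@b/c+d*e', "it's(1)", '\u20AC'];
for (const s of samples) {
  const before = formatValue(s, 'urlescape', false);
  const after = formatValue(s, 'urlescape', true);
  console.log(JSON.stringify(s), '->', before, unencodedReserved(before),
    '|', after, isStrictlyEncoded(after));
}
```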


WAF Protection Rules

WAF Rule

Grafana [version obscured in the source] has XSS via a link on the "Dashboard > All Panels > General" screen. NOTE: this issue exists because of an incomplete fix for an earlier CVE [identifier obscured in the source].
