Arbitrary File Read Vulnerability in Grafana

Arbitrary File Read Vulnerability in Grafana

CVE-2018-19039 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.

Learn more about our User Device Pen Test.