Back to directory

WRITEUP #3002

CVE-2022-21703: cross-origin request forgery against Grafana

CSRFSSRF

by@jub0bs(Julien Cretel)

Program

Grafana Labs

Published

Feb 8, 2022

Added to HackDex

Sep 15, 2022

Read Full Writeuphttps://jub0bs.com/posts/2022-02-08-cve-2022-21703-writeup/

▸ RELATED WRITEUPS

Vulnerabilities in Homepage Dashboard

Directory Traversal, SQL Injection and Server-Side Request Forgery

SQL InjectionPath traversal

Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities

XSSReflected XSS

IIS welcome page to source code review to LFI!

CSRF Bypass Using Domain Confusion Leads To ATO

CSRFAccount takeover

Built with ❤️ by Shubham Rawat