{"vulnerability": "CVE-2020-11110", "sightings": [{"uuid": "a73daf5b-fa8c-4916-89c3-520400ab97c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11110", "type": "seen", "source": "https://t.me/arpsyndicate/2609", "content": "#ExploitObserverAlert\n\nCVE-2020-11110\n\nDESCRIPTION: Exploit Observer has 10 entries related to CVE-2020-11110. Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.\n\nFIRST-EPSS: 0.005120000\nNVD-IS: 2.7\nNVD-ES: 2.3", "creation_timestamp": "2024-01-07T03:27:04.000000Z"}, {"uuid": "93c64d0e-a90a-4aee-9603-46d4147a9040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11110", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/5474", "content": "Exploit CVE-2020-11110 Grafana Stored XSS\n\nhttps://ctf-writeup.revers3c.com/challenges/web/CVE-2020-11110/index.html", "creation_timestamp": "2021-06-19T00:23:22.000000Z"}, {"uuid": "88948896-8a89-45a9-ac92-573a5ee804f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11110", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9743", "content": "#exploit\n1. CVE-2023-31446:\nDodge OPTIFY RCE\nhttps://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution\n\n2. CVE-2020-11110:\nGrafana Stored CSS\nhttps://github.com/AVE-Stoik/CVE-2020-11110-Proof-of-Concept/tree/main\n\n3.\u00a0CVE-2023-51467:\nApache Ofbiz Exploit\nhttps://github.com/JaneMandy/CVE-2023-51467-Exploit", "creation_timestamp": "2024-01-07T22:09:15.000000Z"}, {"uuid": "c80b8e16-0230-42e6-bd97-523709483c57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11110", "type": "seen", "source": "https://t.me/cibsecurity/13673", "content": "ATENTION\u203c New - CVE-2020-11110\n\nGrafana through 6.7.1 allows stored XSS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-27T16:55:21.000000Z"}, {"uuid": "4da4dbc1-6f86-4fe0-af65-f014cc7330fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11110", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2439", "content": "#exploit\n1. CVE-2023-31446:\nDodge OPTIFY RCE\nhttps://github.com/Dodge-MPTC/CVE-2023-31446-Remote-Code-Execution\n\n2. CVE-2020-11110:\nGrafana Stored CSS\nhttps://github.com/AVE-Stoik/CVE-2020-11110-Proof-of-Concept/tree/main\n\n3.\u00a0CVE-2023-51467:\nApache Ofbiz Exploit\nhttps://github.com/JaneMandy/CVE-2023-51467-Exploit", "creation_timestamp": "2024-08-16T09:01:19.000000Z"}]}