vulnerability

SUSE: CVE-2025-2703: SUSE Linux Security Advisory

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:M/Au:S/C:C/I:P/A:P)
Published
Apr 23, 2025
Added
Jun 20, 2025
Modified
Aug 11, 2025

Description

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability.

A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.

Solutions

suse-upgrade-golang-github-prometheus-node_exportersuse-upgrade-grafanasuse-upgrade-prometheus-blackbox_exporter

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today