Description Grafana version < 6.7.3 is vulnerable for annotation popup XSS. Remediation References CVE-2020-12052 Related Vulnerabilities WordPress Plugin Are You a Human-The Fun Spam Blocker Cross-Site Scripting (1.4.32) WordPress Plugin Advanced Order Export For WooCommerce CSV Injection (1.5.4) e107 Other Vulnerability (CVE-2005-4051) Magento Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2019-8135) MySQL CVE-2017-3465 Vulnerability (CVE-2017-3465) Severity Medium Classification CVE-2020-12052 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Missing Update Known Vulnerabilities