GO-2024-2483: Grafana XSS via adding a link in General feature in github.com/grafana/grafana
GO-2024-2510: Grafana Cross-site Scripting (XSS) in github.com/grafana/grafana
GO-2024-2513: Grafana information disclosure in github.com/grafana/grafana
GO-2024-2515: Grafana XSS via the OpenTSDB datasource in github.com/grafana/grafana
GO-2024-2516: Grafana XSS via a column style in github.com/grafana/grafana
GO-2024-2517: Grafana XSS in header column rename in github.com/grafana/grafana
GO-2024-2519: Grafana world readable configuration files in github.com/grafana/grafana
GO-2024-2520: Grafana XSS via a query alias for the ElasticSearch datasource in github.com/grafana/grafana
GO-2024-2523: Grafana stored XSS in github.com/grafana/grafana
GO-2024-2629: Grafana's users with permissions to create a data source can CRUD all data sources in github.com/grafana/grafana
GO-2024-2661: Arbitrary file read in github.com/grafana/grafana
GO-2024-2697: Grafana: Users outside an organization can delete a snapshot with its key in github.com/grafana/grafana
GO-2024-2843: Grafana Email addresses and usernames can not be trusted in github.com/grafana/grafana
GO-2024-2844: Grafana User enumeration via forget password in github.com/grafana/grafana
GO-2024-2847: Grafana Escalation from admin to server admin when auth proxy is used in github.com/grafana/grafana
GO-2024-2848: Grafana when using email as a username can block other users from signing in in github.com/grafana/grafana
GO-2024-2851: Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins in github.com/grafana/grafana
GO-2024-2852: Grafana account takeover via OAuth vulnerability in github.com/grafana/grafana
GO-2024-2854: Grafana folders admin only permission privilege escalation in github.com/grafana/grafana
GO-2024-2855: Grafana Plugin signature bypass in github.com/grafana/grafana
GO-2024-2856: Grafana Race condition allowing privilege escalation in github.com/grafana/grafana
GO-2024-2857: Grafana Stored Cross-site Scripting in Unified Alerting in github.com/grafana/grafana
GO-2024-2867: Grafana Spoofing originalUrl of snapshots in github.com/grafana/grafana
Documentation
¶
type CollectionFileContents[T any] struct {
Version int `json:"version"`
Items []T `json:"items"`
}
type PersistentCollection[T any] interface {
Delete(ctx context.Context, namespace string, predicate Predicate[T]) (deletedCount int, err error)
FindFirst(ctx context.Context, namespace string, predicate Predicate[T]) (T, error)
Find(ctx context.Context, namespace string, predicate Predicate[T]) ([]T, error)
Update(ctx context.Context, namespace string, updateFn UpdateFn[T]) (updatedCount int, err error)
Insert(ctx context.Context, namespace string, item T) error
}
PersistentCollection is a collection of items that's going to retain its state between Grafana restarts.
The main purpose of this API is to reduce the time-to-Proof-of-Concept - this is NOT intended for production use.
The item type needs to be serializable to JSON.
@alpha -- EXPERIMENTAL
type UpdateFn[T any] func(item T) (updated bool, updatedItem T, err error)
Source Files
¶
Click to show internal directories.
Click to hide internal directories.