You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Grafana has a public API endpoint, /public/plugins/:pluginId, which allows you to view a plugin's assets. This works by providing a valid :pluginId and then specifying the file path, such as img/logo.png. However, Grafana fails to sanitize the user provided file path, leading to path traversal.