Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
# InfluxDB Reflected cross-site-scripting (XSS) vulnerability in v0.9.5
## Description
InfluxData provides the leading time series platform to instrument, observe, learn and automate any system, application and business process across a variety of use cases.
Official Website:
https://www.influxdata.com/
### Proof of Concept 1 (stored XSS)
From the admin panel, it is possible to inject Malicious JavaScript into the Write Data Module:
```
<script>alert("Xss")</script>
```
## Fixes
Upgrade to Latest Version
## Affected versions
* Versions up to 0.9.5
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment