Our internal security tool scan finds below threat in using this plugin.
File : plugins/grafana-piechart-panel/module.htmlThreat
The web page can be framed. This means that clickjacking attacks against users are possible.
Impact
With clickjacking, an attacker can trick a victim user into clicking an invisible frame on the web page, thereby causing the victim to take an action they did not intend to take.
Solution
Common clickjacking prevention mechanisms include: X-Frame-Options: This is an HTTP response header that is used to prevent framing of the web page
Our internal security tool scan finds below threat in using this plugin. File : plugins/grafana-piechart-panel/module.html Threat The web page can be framed. This means that clickjacking attacks against users are possible. Impact With clickjacking, an attacker can trick a victim user into clicking an invisible frame on the web page, thereby causing the victim to take an action they did not intend to take.
Solution Common clickjacking prevention mechanisms include: X-Frame-Options: This is an HTTP response header that is used to prevent framing of the web page
Can we fix it in the next release ?