CVE-2024-5526 Information

Description

Grafana OnCall is an easy-to-use on-call management tool that will help reduce toil in on-call management through simpler workflows and interfaces that are tailored specifically for engineers.

Grafana OnCall from version 1.1.37 before 1.5.2 are vulnerable to a Server Side Request Forgery (SSRF) vulnerability in the webhook functionallity.

This issue was fixed in version 1.5.2

Reference

https://grafana.com/security/security-advisories/cve-2024-5526/