A vulnerability was found in Grafana up to 11.2.1. It has been classified as critical. This affects an unknown part of the component SQL Expressions Experimental Feature. The manipulation of the argument PATH leads to code injection.
This vulnerability is uniquely identified as CVE-2024-9264. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.