Company:
Date Published:
Author: Jon Gyllenswärd
Word count: 654
Language: English
Hacker News points: None

Summary

On November 29, 2022, Grafana Labs released Grafana 9.3.0 and a security patch release, Grafana 9.2.7, to address a high-severity stored XSS vulnerability, CVE-2022-31097. The flaw had originally been patched in July 2022 but was reintroduced by a build process failure, so the July fix never reached the later releases. An attacker holding the Editor role can exploit it to escalate to Admin by tricking an authenticated admin into clicking a malicious link. The affected builds are Grafana 9.1.0-beta1 through 9.3.0-beta1; users are advised to upgrade to 9.2.7 or 9.3.0, or, until they can, to disable Grafana Alerting as a temporary mitigation. The release also describes process improvements intended to prevent this kind of regression, including a new automated build and release pipeline. Grafana Labs reiterates its commitment to transparency and to working with the security research community, and asks that vulnerabilities be reported via encrypted communication.
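The practical question behind this advisory is whether a given instance falls inside the reintroduced range, and the version boundaries are easy to get wrong: 9.2.7 is fixed yet sorts below 9.3.0-beta1, which is affected, so a single "between 9.1.0-beta1 and 9.3.0-beta1" test would flag a patched server. The following is an added example written for this page, not code from Grafana Labs or from the advisory. It encodes the affected range as two half-open intervals derived from the versions stated above (first affected up to, but not including, the fixed release on each line), compares versions by semver precedence, and assesses constructed sample bodies in the shape Grafana's `GET /api/health` endpoint returns. The `MITIGATION` string's `grafana.ini` key is an assumption and should be checked against your release; the check also covers only the reintroduced range named on this page, not the versions fixed by the original July 2022 patch.

```python
import json
import re

# Added example, not code from the Grafana advisory. Ranges are
# [first affected, first fixed), derived from the versions stated on the page:
# 9.1.0-beta1 through 9.3.0-beta1 affected; 9.2.7 and 9.3.0 carry the fix.
# Builds older than 9.1.0-beta1 (the July 2022 fix) are out of scope here.
AFFECTED_RANGES = (
    ("9.1.0-beta1", "9.2.7"),
    ("9.3.0-beta1", "9.3.0"),
)

# Assumed grafana.ini key for "disable Grafana Alerting"; verify for your release.
MITIGATION = "[unified_alerting] enabled = false (assumed key; verify for your release)"

_VERSION_RE = re.compile(
    r"^v?(\d+)\.(\d+)\.(\d+)"      # major.minor.patch, optional leading "v"
    r"(?:-([0-9A-Za-z.-]+))?"      # optional pre-release, e.g. beta1
    r"(?:\+[0-9A-Za-z.-]+)?$"      # optional build metadata, ignored
)


def parse_version(text):
    """Return a tuple that sorts by semver 2.0 precedence.

    A pre-release sorts before its release (9.3.0-beta1 < 9.3.0) and a later
    patch sorts before the next minor's pre-release (9.2.7 < 9.3.0-beta1),
    which is the case a naive inclusive range check gets wrong.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Grafana version: {text!r}")
    major, minor, patch = (int(m.group(i)) for i in (1, 2, 3))
    pre = m.group(4)
    if pre is None:
        return (major, minor, patch, 1, ())   # release: after every pre-release
    # Numeric identifiers sort below alphanumeric ones, then by value / ASCII.
    ids = tuple((0, int(p), "") if p.isdigit() else (1, 0, p) for p in pre.split("."))
    return (major, minor, patch, 0, ids)


def is_affected(version):
    """True if `version` lies inside one of the [affected, fixed) ranges."""
    v = parse_version(version)
    return any(parse_version(lo) <= v < parse_version(hi) for lo, hi in AFFECTED_RANGES)


def assess_health_response(body):
    """Assess the JSON body returned by Grafana's GET /api/health.

    Some deployments hide the version from that endpoint; when it is absent
    the result says so instead of guessing.
    """
    data = json.loads(body)
    version = data.get("version")
    if not version:
        return {"version": None, "affected": None,
                "action": "version not exposed; read it from the UI footer or server log"}
    if is_affected(version):
        return {"version": version, "affected": True,
                "action": "upgrade to 9.2.7 or 9.3.0; until then disable Grafana Alerting ("
                          + MITIGATION + ")"}
    return {"version": version, "affected": False,
            "action": "outside the reintroduced range; not affected by this regression"}


# Constructed sample /api/health bodies, not captured from real servers.
SAMPLE_HEALTH_BODIES = [
    '{"commit": "0000000", "database": "ok", "version": "9.2.6"}',
    '{"commit": "0000000", "database": "ok", "version": "9.2.7"}',
    '{"commit": "0000000", "database": "ok", "version": "9.3.0-beta1"}',
    '{"commit": "0000000", "database": "ok", "version": "9.3.0"}',
    '{"database": "ok"}',
]

if __name__ == "__main__":
    for body in SAMPLE_HEALTH_BODIES:
        r = assess_health_response(body)
        print(f"{str(r['version']):<12} affected={r['affected']!s:<5} {r['action']}")
```

Feeding the real endpoint is a matter of replacing the sample bodies with the response of `GET /api/health` on each instance; a version that fails to parse raises rather than silently reporting "not affected", which is the safer failure mode for an inventory sweep.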