How Grafana's No-Op Validator Turns Anonymous Access Into Pre-Auth SSRFApr 8, 2026TL;DR Grafana OSS ships a no-op request validator for the datasource proxy endpoint. It always returns nil. Zero SSRF protection. Combined with two default …#vulnerability-research #SSRF #grafana