CVE-2025-6023
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-18

Last updated on: 2025-07-22

Assigner: Grafana Labs

Description
An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-18
Last Modified
2025-07-22
Generated
2026-05-07
AI Q&A
2025-07-18
EPSS Evaluated
2026-05-05
NVD
CVE-2025-6023
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
grafana grafana 11.5.0
grafana grafana 11.4.6
grafana grafana 11.5.6
grafana grafana 11.6.3
grafana grafana 11.3.8
grafana grafana 12.0.2
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-6023 is an open redirect vulnerability in Grafana OSS introduced in version 11.5.0. This flaw allows attackers to redirect users to malicious sites and can be exploited to perform Cross-Site Scripting (XSS) attacks, especially when combined with path traversal vulnerabilities. Essentially, it enables attackers to inject malicious scripts via redirected URLs or scripted dashboards. [1]


How can this vulnerability impact me? :

This vulnerability can impact you by allowing attackers to execute XSS attacks, which can lead to theft of user credentials, session hijacking, or unauthorized actions performed on behalf of users. It can also expose users to malicious sites through open redirects, potentially compromising user data and system integrity. [1]


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, upgrade your Grafana OSS installation to one of the fixed versions: 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01, or 11.3.8+security-01. Applying these updates will address the open redirect vulnerability and prevent potential XSS attacks. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart