VDB
BIT-grafana-2025-6023
BIT-grafana-2025-6023
PUBLISHED
CVSS 7.599999904632568 HIGH
An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01
Risk Scores
CVSS 3.1
7.599999904632568
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | grafana | 11.3.0, 12.0.0, 11.3.0 |
Timeline
- Jul 22, 2025 CVE Published
- Jul 29, 2025 CVE Updated