{"id":66509,"date":"2025-07-18T12:31:57","date_gmt":"2025-07-18T09:01:57","guid":{"rendered":"https:\/\/afaghhosting.net\/blog\/cve-2025-6023-grafana-open-redirect-xss-vulnerability\/"},"modified":"2025-07-18T12:31:57","modified_gmt":"2025-07-18T09:01:57","slug":"cve-2025-6023-grafana-open-redirect-xss-vulnerability","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cve-2025-6023-grafana-open-redirect-xss-vulnerability\/","title":{"rendered":"CVE-2025-6023 &#8211; Grafana Open Redirect XSS Vulnerability"},"content":{"rendered":"<p><strong>CVE ID : <\/strong>CVE-2025-6023<br \/>\n<br \/>\n<strong>Published : <\/strong> 18. Juli 2025 08:15 | 28\u00a0Minuten ago<br \/>\n<br \/>\n<strong>Description : <\/strong>An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.<\/p>\n<p>The open redirect can be chained with path traversal vulnerabilities to achieve XSS.<\/p>\n<p>Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01<br \/>\n<br \/>\n<strong>Severity:<\/strong> 7.6 | HIGH<br \/>\n<br \/>\nVisit the link for more details, such as CVSS details, affected products, timeline, and more&#8230;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>CVE ID : CVE-2025-6023 Published : 18. Juli 2025 08:15 | 28\u00a0Minuten ago Description : An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-66509","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/66509","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=66509"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/66509\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=66509"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=66509"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=66509"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}