High severity 7.6 · GHSA Advisory · Published Jul 18, 2025 · Updated Apr 15, 2026
CVE-2025-6023
Description
An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.
The open redirect can be chained with path traversal vulnerabilities to achieve XSS.
Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/grafana/grafana (Go) | < 1.9.2-0.20250521205822-0ba0b99665a9 | 1.9.2-0.20250521205822-0ba0b99665a9 |
References
- github.com/advisories/GHSA-vqph-p5vc-g644 (GHSA, advisory)
- nvd.nist.gov/vuln/detail/CVE-2025-6023 (GHSA, advisory)
- github.com/grafana/grafana/commit/0ba0b99665a946cd96676ef85ec8bc83028cb1d7 (GHSA, web)
- github.com/grafana/grafana/commit/40ed88fe86d347bcde5ddaed6c4a20a95d2f0d55 (GHSA, web)
- github.com/grafana/grafana/commit/5b00e21638f565eed46acb4d0b7c009968df4c3b (GHSA, web)
- github.com/grafana/grafana/commit/b6dd2b70c655c61b111b328f1a7dcca6b3954936 (GHSA, web)
- github.com/grafana/grafana/commit/e0ba4b480954f8a33aa2cff3229f6bcc05777bd9 (GHSA, web)
- grafana.com/blog/2025/07/17/grafana-security-release-medium-and-high-severity-fixes-for-cve-2025-6197-and-cve-2025-6023 (GHSA, web)
- grafana.com/security/security-advisories/cve-2025-6023 (GHSA, web)
- grafana.com/blog/2025/07/17/grafana-security-release-medium-and-high-severity-fixes-for-cve-2025-6197-and-cve-2025-6023/ (NVD)
- grafana.com/security/security-advisories/cve-2025-6023/ (NVD)