Grafana Flaws Allow User Redirection and Code Execution in Dashboards
Posted: Sat Jul 19, 2025 1:35 pm
Grafana Labs has released critical security patches addressing two significant vulnerabilities that could enable attackers to redirect users to malicious websites and execute arbitrary code within dashboard environments.
The security update addresses CVE-2025-6023, a high-severity cross-site scripting (XSS) vulnerability, and CVE-2025-6197, a medium-severity open redirect flaw, both discovered through the company’s bug bounty program.
https://gbhackers.com/grafana-flaws/