PT-2025-30013 · Grafana+2 · Grafana Oss+2

Dat Phung · Published 2025-06-11 · Updated 2025-12-18 · CVE-2025-6197

CVSS v3.1: 4.2 (Medium)

Vector: AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Grafana OSS (affected versions not specified)

Description

An open redirect issue exists in the organization switching functionality of Grafana OSS. Successful exploitation requires multiple organizations to be present within the Grafana instance and the victim to be a member of an organization different from the one specified in the URL.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

XSS

Open Redirect

Weakness Enumeration

Related Identifiers

ALT-PU-2025-10637
ALT-PU-2025-10789
BDU:2025-08910
BDU:2025-09887
BIT-GRAFANA-2025-6023
BIT-GRAFANA-2025-6197
CVE-2025-6197
GHSA-VQPH-P5VC-G644
GO-2025-3817
OPENSUSE-SU-2025:15372-1
SUSE-SU-2025:3817-1
SUSE-SU-2025:3819-1
SUSE-SU-2025:4457-1
SUSE-SU-2025:4458-1
SUSE-SU-2025:4482-1

Affected Products

Alt Linux
Grafana Oss
Red Os