Описание
An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.
The open redirect can be chained with path traversal vulnerabilities to achieve XSS.
Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01
A Cross-site scripting (XSS) vulnerability was found in Grafana caused by client path traversal and open redirect. This flaw allows attackers to redirect users to malicious websites that execute arbitrary JavaScript code in scripted dashboards. Unlike many other XSS vulnerabilities, this vulnerability does not require editor permissions. If anonymous access is enabled, the XSS attack will be successful.
Отчет
No Red Hat products or offerings are affected by this vulnerability. As the version of grafana (9.2.10/10.2.6) shipped in this version of Red Hat Enterprise Linux is not vulnerable to this CVE. The vulnerable versions listed in the CVE posting are 12.0.x, 11.6.x, 11.5.x, 11.4.x, and 11.3.x, which are all not in Red Hat Enterprise Linux. This vulnerability is Important because it combines two high-impact vectors—open redirect and stored/reflected XSS—without the common mitigation of requiring elevated permissions. The lack of an editor-role requirement drastically expands the attack surface, enabling exploitation by any unauthenticated attacker if anonymous access is enabled. In Grafana deployments that allow public or wide internal access, an attacker could craft a malicious link that both redirects users to attacker-controlled domains and executes arbitrary JavaScript in scripted dashboards. This can directly lead to session hijacking, credential theft, or full account compromise, potentially allowing an attacker to modify dashboards, extract sensitive data from Grafana data sources, or pivot into connected systems.
Меры по смягчению последствий
Alternatively, you can block this attack by adding the default Content Security Policy configuration as suggested in the Grafana Documentation.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | grafana | Not affected | ||
| Red Hat Enterprise Linux 8 | grafana | Not affected | ||
| Red Hat Enterprise Linux 9 | grafana | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.1 High
CVSS3
Связанные уязвимости
An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01
An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01
An open redirect vulnerability has been identified in Grafana OSS that ...
Grafana is vulnerable to XSS attacks through open redirects and path traversal
Уязвимость платформы для мониторинга и наблюдения Grafana, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю осуществлять межсайтовые сценарные атаки (XSS)
EPSS
7.1 High
CVSS3