vulnerability

SUSE: CVE-2025-6023: SUSE Linux Security Advisory

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:M/Au:N/C:C/I:P/A:P)	Oct 28, 2025	Nov 5, 2025	Dec 24, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:P/A:P)

Published

Oct 28, 2025

Added

Nov 5, 2025

Modified

Dec 24, 2025

Description

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0.

The open redirect can be chained with path traversal vulnerabilities to achieve XSS.

Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01

Solutions

suse-upgrade-dracut-saltbootsuse-upgrade-govulncheck-vulndbsuse-upgrade-grafanasuse-upgrade-spacecmdsuse-upgrade-supportutils-plugin-susemanager-client

References

CVE-2025-6023
https://attackerkb.com/topics/CVE-2025-6023
CWE-601
CWE-79

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today