AI description
CVE-2025-4123 is a cross-site scripting (XSS) vulnerability found in Grafana. It stems from a combination of client path traversal and an open redirect issue within the handling of custom frontend plugins. This flaw allows attackers to redirect users to malicious websites and execute arbitrary JavaScript code. The vulnerability is particularly concerning because it can be exploited even without editor permissions, especially if anonymous access is enabled in Grafana. Furthermore, if the Grafana Image Renderer plugin is installed, the vulnerability can be escalated to a full read Server-Side Request Forgery (SSRF), potentially exposing internal services and cloud metadata. All supported versions of Grafana OSS and Grafana Enterprise, starting from Grafana 8 are affected.
- Description
- A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is installed, it is possible to exploit the open redirect to achieve a full read SSRF. The default Content-Security-Policy (CSP) in Grafana will block the XSS though the `connect-src` directive.
- Source
- security@grafana.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.6
- Impact score
- 4.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:L
- Severity
- HIGH
- security@grafana.com
- CWE-79
- Hype score
- Not currently trending
Grafana の脆弱なインスタンスは 46,000:CVE-2025-4123 の悪用とアカウント乗っ取り https://t.co/fwqO6o0Llb Grafana の脆弱性 CVE-2025-4123
@iototsecnews
30 Jun 2025
141 Impressions
3 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Una tercera dels servidors Grafana exposats a internet, gairebé 46.000, son vulnerables a la presa de control total dels servidors per part d'atacants (CVE-2025-4123). https://t.co/8NXxJYO0tG https://t.co/GtdzDz5tDF
@lalgorisme
18 Jun 2025
193 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123 - Grafana XSS and Full-Read SSRF vulnerability https://t.co/oqBN98aGRd https://t.co/4hhYTA0DcN
@mayurk21
18 Jun 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123 - Grafana XSS and Full-Read SSRF vulnerability https://t.co/Caae8k9etI https://t.co/sr9aldNAxN
@IdentityJason
17 Jun 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123 Grafana Bug name: grafana ghost Type: client-side Weakness: Plugin mechanism that downloads plugins from urls Attack techniques: URL manipulation, session hijacking, cross-origin-bypass
@ghostbugste
17 Jun 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
2 Replies
0 Quotes
CVE-2025-4123 - Grafana XSS and Full-Read SSRF vulnerability https://t.co/KYd6NG4WIc https://t.co/Byczt9WcPp
@scandaletti
17 Jun 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123 - Grafana XSS and Full-Read SSRF vulnerability https://t.co/0lE5F4zdlh https://t.co/4gcQPnOmSU
@SirajD_Official
17 Jun 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123 - Grafana XSS and Full-Read SSRF vulnerability https://t.co/e0VClHUBif https://t.co/YlmpVMEjjF
@CloudVirtues
16 Jun 2025
27 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 46,000 internet-facing #Grafana instances remain unpatched and vulnerable to a client-side open redirect #vulnerability, which can lead to malicious plugin execution and account takeover. This issue is identified as CVE-2025-4123. #onpatrol4malware https://t.co/2654tyrqkQ
@MalwarePatrol
16 Jun 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123 Vulnerability: “The Grafana Ghost” Zero-Day Enables Malicious Account Hijacking https://t.co/LIse4sulqj June has been a turbulent month for cyber defenders, marked by a surge of high-profile vulnerabilities shaking the security landscape. Following the exploit
@f1tym1
16 Jun 2025
38 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-4123 : A Cross-Site Scripting (XSS) Vulnerability Exists in Grafana 🔥Exp: https://t.co/bk1IrYjWTR 🎯696k+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link: https://t.co/nRs8nYnH1B FOFA Query:app="Grafana" 🔖Refer:https://t.c
@fofabot
16 Jun 2025
1635 Impressions
3 Retweets
24 Likes
9 Bookmarks
0 Replies
0 Quotes
🗞️ Over 46,000 Grafana instances are exposed to a client-side open redirect flaw (CVE-2025-4123), which allows malicious plugin execution and account takeovers. Admins must urgently update to secure critical monitoring systems from exploitation. Key takeaways: 🧵 https://
@gossy_84
16 Jun 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
【パッチ未適用のGrafanaインスタンスが4.6万件超】インターネットからアクセス可能な全Grafanaインスタンスの3分の1以上が、いまだXSSの脆弱性CVE-2025-4123のパッチを適用していないという。この欠陥は攻撃者に
@MachinaRecord
16 Jun 2025
120 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 46,000 exposed Grafana instances remain vulnerable to CVE-2025-4123, allowing malicious plugin execution and account takeover, despite security updates released by Grafana Labs. #Security https://t.co/eBBjQbuq5T
@Strivehawk
16 Jun 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨CVE-2025-4123 : A Cross-Site Scripting (XSS) Vulnerability Exists in Grafana 🔥EXP : https://t.co/64D9rVD52k 🧐Deep Dive : https://t.co/vmjghpY70O 📊1.8M+Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/LKwlkf3ZC7 👇Quer
@HunterMapping
16 Jun 2025
7766 Impressions
34 Retweets
138 Likes
69 Bookmarks
1 Reply
0 Quotes
Grafanaのアカウント乗っ取り脆弱性CVE-2025-4123の詳細と対策 https://t.co/TuBVYPYflX #Security #セキュリティ #ニュース
@SecureShield_
16 Jun 2025
63 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Over 46,000 public Grafana instances remain vulnerable to CVE-2025-4123, a client-side open redirect flaw that could lead to account takeover & remote code execution. Many still unpatched, exposing a major threat. ⚠️ #Grafana #Security #USA https://t.co/1bOuTzbI0e
@TweetThreatNews
15 Jun 2025
160 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
アカウント乗っ取りにつながるオープンリダイレクトの脆弱性"The Grafana Ghost" (CVE-2025-4123)に脆弱なGrafanaインスタンス46,000以上が公開状態にある。OX Security社報告。脆弱なバージョンは露出しているGrafanaの総数
@__kokumoto
15 Jun 2025
591 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
Over 46,000 Grafana instances remain unpatched against a critical flaw (CVE-2025-4123) allowing account takeover via open redirect and XSS. Patch now to prevent attackers from hijacking admin accounts and stealing cloud credentials. Details: https://t.co/6IQLsAdmVO
@RedTeamNewsBlog
15 Jun 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[1day1line] CVE-2025-4123: XSS via Open Redirect in Grafana https://t.co/8koSrvEYjS CVE-2025-4123 is an account-takeover vulnerability in Grafana that chains an Open Redirect with XSS, enabling an attacker to change a user’s password.
@hackyboiz
14 Jun 2025
776 Impressions
3 Retweets
15 Likes
7 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2025-0282: Stack-based BoF in Ivanti Connect Secure - https://t.co/gg5z4ap4Go 2. CVE-2025-4123: Grafana Path Traversal - https://t.co/0QxWl8iNVO 3. CVE-2025-4275: SecureBoot bypass for UEFI-compatible firmware based on Insyde H2O - https://t.co/l6ppF6bgYS
@ksg93rd
11 Jun 2025
276 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
ㅤ ✨Grafana CVE-2025-4123 AWS SSRF @fofabot dork that find all vulnerable versions💯 👀 Very big Dork: app="grafana" && cloud_name="aws" && (body="Grafana v10.0.0" || body="Grafana v10.0.1" || body="Grafana v10.0.2" .....[and more] 🌀Get the full dork:
@darkshadow2bd
10 Jun 2025
2093 Impressions
10 Retweets
39 Likes
25 Bookmarks
0 Replies
0 Quotes
can't believe new CVE-2025-4123 is affected so many BBP programs on h1/bugcrowd including big Org. make sure to report by showing xss and ssrf poc if possible otherwise it goes n/a due to open redirect that are oos in most big programs..
@coffinxp7
6 Jun 2025
8079 Impressions
8 Retweets
109 Likes
43 Bookmarks
5 Replies
0 Quotes
I noticed someone released a tool for CVE-2025-4123 in Grafana. But let me clear this up. it's not as simple as adding a payload after /public/. That won’t exploit anything. Here's why 👇
@coffinxp7
6 Jun 2025
17059 Impressions
18 Retweets
184 Likes
117 Bookmarks
6 Replies
0 Quotes
CVE-2025-4123 : Grafana Full read SSRF and Account Takeover https://t.co/EIkI58ewwa https://t.co/DmfBzOHLde
@freedomhack101
4 Jun 2025
86 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123 i wrote an extended tool for Grafana #github https://t.co/1x7S3CLaIC #bugbounty #bugbountytips https://t.co/i5E6AomHYM
@ynsmroztas
4 Jun 2025
18720 Impressions
32 Retweets
183 Likes
114 Bookmarks
2 Replies
1 Quote
🚨 Miles de instancias de Grafana expuestas a CVE-2025-4123 🔍 Un reciente escaneo en FOFA sugiere que al menos 1,486 sistemas en México ejecutan Grafana, una plataforma vulnerable al CVE-2025-4123, la cual permitiría SSRF completo y toma de cuentas si no está parcheada. h
@tpx_Security
2 Jun 2025
308 Impressions
2 Retweets
7 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123 (CVSS:7.6, HIGH) is Awaiting Analysis. A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redire..https://t.co/1M84e5Ugw9 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
27 May 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidad corregida en Grafana ❗CVE-2025-4123 ➡️Más info: https://t.co/CslNzs4DZl https://t.co/RqQmIkh2Vh
@CERTpy
26 May 2025
101 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical XSS vulnerability in Grafana (CVE-2025-4123) allows redirection & JS injection — no privileges needed. If you self-host Grafana, patch now. Affected: 8.x–12.0.0. #CyberSecurity #XSS #Grafana #CVE20254123 https://t.co/KbabJLkaqd
@threatsbank
23 May 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123: A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability
@cyber_advising
23 May 2025
892 Impressions
5 Retweets
9 Likes
9 Bookmarks
0 Replies
0 Quotes
GitHub - NightBloodz/CVE-2025-4123: Script to exploit Grafana CVE-2025-4123: XSS and Full-Read SSRF https://t.co/8eyy4Mp899
@Dinosn
23 May 2025
6030 Impressions
42 Retweets
142 Likes
42 Bookmarks
1 Reply
1 Quote
GitHub - NightBloodz/CVE-2025-4123: Script to exploit Grafana CVE-2025-4123: XSS and Full-Read SSRF - https://t.co/XrShAqkuew
@piedpiper1616
22 May 2025
1676 Impressions
12 Retweets
23 Likes
11 Bookmarks
0 Replies
0 Quotes
Grafana: CVE-2025-4123 Exploit https://t.co/nByMWvV8XN https://t.co/wiuiN5beP6
@nightbloodz_
22 May 2025
147 Impressions
0 Retweets
6 Likes
3 Bookmarks
0 Replies
0 Quotes
Grafana has issued high-severity security patches for CVE-2025-4123 to all supported versions 8.0+, addressing a critical XSS vulnerability that can lead to malicious redirects & session hijacking. Cloud services remain unaffected. 🚨 #Grafana #SecurityU… https://t.co/23h
@TweetThreatNews
22 May 2025
51 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-4123: 0-day in Grafana, 7.6 rating❗️ Grafana Labs has released an unscheduled update that fixes an XSS injection vulnerability in all supported versions. Search at https://t.co/hv7QKSqxTR: 👉 Link: https://t.co/2Wt7ex3e29 #cybersecurity #vulnerability_map https
@Netlas_io
22 May 2025
71 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Grafanaにおいて深刻度の高いXSS脆弱性(CVE-2025-4123)が報告された。 CVSSスコアは7.6で、カスタムフロントエンドプラグインを通じてパスの不正処理やオープンリダイレクトを悪用し、任意のJavaScriptを実行可能
@yousukezan
22 May 2025
4785 Impressions
7 Retweets
18 Likes
6 Bookmarks
0 Replies
0 Quotes
Just found an open redirect in Grafana (CVE-2025-4123) that allows 2 exploitation paths – Full Read SSRF & account takeover. 🔥 Easily my best bug so far. Full write-up: https://t.co/iMN8hIoAsp #bugbounty #infosec #cybersecurity https://t.co/UBHat7itcT
@nightbloodz_
22 May 2025
853 Impressions
4 Retweets
16 Likes
4 Bookmarks
1 Reply
0 Quotes
Grafanaで定例更新の1日前に脆弱性が修正された。CVE-2025-4123は深刻なXSSで、認証不要で悪用可能。即時更新が推奨されている。脆弱性が公開されたため定例更新を待たず修正したと公式。クライアントパストラ
@__kokumoto
22 May 2025
1010 Impressions
3 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
⚡️The vulnerability details are now available: https://t.co/TMtGakAeCu 🚨🚨CVE-2025-4123: Grafana XSS vuln exposed! Hackers can exploit client path traversal & open redirect in custom plugins to redirect users to malicious sites, executing rogue JavaScript. Session
@zoomeye_team
22 May 2025
1780 Impressions
9 Retweets
23 Likes
7 Bookmarks
0 Replies
0 Quotes