Web Cross-Site Scripting in Grafana via Client Path Traversal and Open Redirect CVE-2025-4123

[pianoxltd]

Cross-Site Scripting in Grafana via Client Path Traversal and Open Redirect CVE-2025-4123

POC:
https://github.com/kk12-30/CVE-2025-4123

 

[pianoxltd]

Grafana CVE-2025–4123: Full Read SSRF & Account Takeover

 

[pianoxltd]

shodan

product:"Grafana"

fofa

app="Grafana"