SICK Grafana OSS Open Redirect Vulnerability in Incoming Goods Suite

Vulnerability

An open redirect vulnerability has been identified in the Grafana OSS organization switching feature, specifically within the SICK Incoming Goods Suite product. It arises when multiple organizations are present in the Grafana instance and a user is in a different organization than the one indicated in the URL. Exploitation of this vulnerability could lead to cross-site scripting (XSS) attacks.

Impact

Exploitation of this vulnerability could result in unauthorized redirection of users, potentially leading to cross-site scripting (XSS) attacks.

Remediation

Users are strongly advised to upgrade to the latest release of SICK Incoming Goods Suite (version 1.2.1 or higher).

Added: Jan 15, 2026, 2:23 PM
Updated: Jan 15, 2026, 2:23 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.2
exploitability: 6.0
remediation: 0.0
relevance: 2.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.