Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack.
2017-06-16T21:29:00.197
2025-04-20T01:37:25.860
Deferred
CVSSv3.0: 6.1 (MEDIUM)
AV:N/AC:M/Au:N/C:N/I:P/A:N
8.6
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | elastic | kibana | < 4.1.3 | Yes |
| Application | elastic | kibana | < 4.2.1 | Yes |
| Application | elastic | kibana | 4.2.0 | Yes |
| Application | elastic | kibana | 4.2.0 | Yes |