Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-m6gg-86c6-gfr9

Опубликовано: 04 мар. 2022
Источник: github
Github: Прошло ревью
CVSS3: 6.1

Описание

Withdrawn: Cross-site Scripting in Kibana

##Withdrawn: This advisory is for Kibana, not ElasticSearch as it was originally published, and is withdrawn as being out of scope of our supported ecosystems.

A cross-site-scripting (XSS) vulnerability was discovered in the Data Preview Pane (previously known as Index Pattern Preview Pane) which could allow arbitrary JavaScript to be executed in a victim's browser.

Ссылки

Пакеты

Наименование

org.elasticsearch:elasticsearch

maven
Затронутые версииВерсия исправления

>= 7.16.0, < 7.17.1

7.17.1

EPSS

Процентиль: 66%
0.00526
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-23710

Дефекты

CWE-79

Связанные уязвимости

redhat логотип

CVE-2022-23710

CVSS3: 6.1
redhat
почти 4 года назад

A cross-site-scripting (XSS) vulnerability was discovered in the Data Preview Pane (previously known as Index Pattern Preview Pane) which could allow arbitrary JavaScript to be executed in a victim’s browser.

nvd логотип

CVE-2022-23710

CVSS3: 6.1
nvd
почти 4 года назад

A cross-site-scripting (XSS) vulnerability was discovered in the Data Preview Pane (previously known as Index Pattern Preview Pane) which could allow arbitrary JavaScript to be executed in a victim’s browser.

debian логотип

CVE-2022-23710

CVSS3: 6.1
debian
почти 4 года назад

A cross-site-scripting (XSS) vulnerability was discovered in the Data ...

EPSS

Процентиль: 66%
0.00526
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2022-23710

Дефекты

CWE-79