Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-23707

Опубликовано: 11 фев. 2022
Источник: nvd
CVSS3: 5.4
CVSS2: 3.5
EPSS Низкий

Описание

An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to create index patterns can inject malicious javascript into the index pattern which could execute against other users

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
Версия от 7.5.1 (включая) до 7.17.0 (исключая)

EPSS

Процентиль: 63%
0.00436
Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79
CWE-79

Связанные уязвимости

redhat логотип

CVE-2022-23707

CVSS3: 8.1
redhat
около 4 лет назад

An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to create index patterns can inject malicious javascript into the index pattern which could execute against other users

debian логотип

CVE-2022-23707

CVSS3: 5.4
debian
почти 4 года назад

An XSS vulnerability was found in Kibana index patterns. Using this vu ...

github логотип

GHSA-xj4h-2rjf-hh84

github
почти 4 года назад

An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to create index patterns can inject malicious javascript into the index pattern which could execute against other users

EPSS

Процентиль: 63%
0.00436
Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79
CWE-79