Описание
A cross-site-scripting (XSS) vulnerability was discovered in the Data Preview Pane (previously known as Index Pattern Preview Pane) which could allow arbitrary JavaScript to be executed in a victim’s browser.
Ссылки
- Release NotesVendor Advisory
- Third Party Advisory
- Release NotesVendor Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.15.0 (включая) до 7.17.0 (включая)
Одно из
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
cpe:2.3:a:elastic:kibana:8.0.0:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00526
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 6.1
redhat
почти 4 года назад
A cross-site-scripting (XSS) vulnerability was discovered in the Data Preview Pane (previously known as Index Pattern Preview Pane) which could allow arbitrary JavaScript to be executed in a victim’s browser.
CVSS3: 6.1
debian
почти 4 года назад
A cross-site-scripting (XSS) vulnerability was discovered in the Data ...
EPSS
Процентиль: 67%
0.00526
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-79
CWE-79