Описание
Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) Operational Tools | kibana | Not affected | ||
| Red Hat OpenShift Enterprise 3.1 | kibana | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) Operational Tools | kibana | Not affected | ||
| Red Hat OpenStack Platform 9 (Mitaka) Operational Tools | kibana | Not affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1350727kibana: Cross-site scripting vulnerability
EPSS
Процентиль: 46%
0.00237
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2
Связанные уязвимости
nvd
больше 10 лет назад
Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
debian
больше 10 лет назад
Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x b ...
github
больше 3 лет назад
Cross-site scripting (XSS) vulnerability in Elasticsearch Kibana 4.x before 4.0.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
EPSS
Процентиль: 46%
0.00237
Низкий
6.1 Medium
CVSS3
4.3 Medium
CVSS2