Описание
A cross-site-scripting (XSS) vulnerability was discovered in the Vega Charts Kibana integration which could allow arbitrary JavaScript to be executed in a victim’s browser.
A Cross-site-scripting (XSS) vulnerability was found in the Vega Charts Kibana integration. This issue could allow arbitrary JavaScript to be executed in a victim’s browser.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Logging Subsystem for Red Hat OpenShift | openshift-logging/cluster-logging-rhel8-operator | Affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/elasticsearch-rhel8-operator | Affected | ||
| Logging Subsystem for Red Hat OpenShift | openshift-logging/kibana6-rhel8 | Not affected | ||
| Red Hat JBoss Fuse 6 | kibana | Out of support scope | ||
| Red Hat JBoss Fuse Service Works 6 | kibana | Out of support scope | ||
| Red Hat OpenShift Container Platform 3.11 | kibana | Out of support scope | ||
| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-logging-kibana5 | Out of support scope | ||
| Red Hat OpenStack Platform 13 (Queens) | puppet-kibana3 | Out of support scope | ||
| Red Hat OpenStack Platform 16.1 | puppet-kibana3 | Will not fix | ||
| Red Hat OpenStack Platform 16.2 | puppet-kibana3 | Will not fix |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=2172353kibana: Kibana cross-site-scripting (XSS) issue (ESA-2022-08)
6.1 Medium
CVSS3
Связанные уязвимости
CVSS3: 6.1
nvd
больше 3 лет назад
A cross-site-scripting (XSS) vulnerability was discovered in the Vega Charts Kibana integration which could allow arbitrary JavaScript to be executed in a victim’s browser.
CVSS3: 6.1
github
больше 3 лет назад
A cross-site-scripting (XSS) vulnerability was discovered in the Vega Charts Kibana integration which could allow arbitrary JavaScript to be executed in a victim’s browser.
6.1 Medium
CVSS3