Количество 3
Количество 3
CVE-2024-11390
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser (XSS) via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices.
CVE-2024-11390
Unrestricted upload of a file with dangerous type in Kibana can lead t ...
GHSA-mv8v-9jrg-2c2w
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser (XSS) via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2024-11390 Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser (XSS) via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices. | CVSS3: 5.4 | 0% Низкий | 9 месяцев назад |
| CVE-2024-11390 Unrestricted upload of a file with dangerous type in Kibana can lead t ... | CVSS3: 5.4 | 0% Низкий | 9 месяцев назад |
| GHSA-mv8v-9jrg-2c2w Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser (XSS) via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices. | CVSS3: 5.4 | 0% Низкий | 9 месяцев назад |
Уязвимостей на страницу