HomePentest-Tools.com Logo

Elastic Kibana Cross-site scripting (XSS) Vulnerability (Windows) CVE-2015-4093

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Elastic Kibana is prone to a cross-site scripting (XSS) vulnerability.

Risk description

The Flaw is due to an insufficient validation of user supplied input. Successful exploitation will allow remote attackers to inject arbitrary web script or HTML.

Recommendation

Update to Elastic Kibana version 4.0.3, or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 15, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available