HomePentest-Tools.com Logo

Elastic Kibana CVE-2017-8439 Cross-site scripting (XSS) Vulnerability - Windows

Severity
CVSSv3 Score
6.1
Vulnerability description

Elastic Kibana is prone to a cross-site scripting (XSS) vulnerability.

Risk description

The Flaw is due to an insufficient validation of user supplied input in the Time Series Visual Builder. Successful exploitation will allow remote attackers to inject arbitrary web script or HTML.

Recommendation

Update to Elastic Kibana version 5.4.1, or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Jun 5, 2017
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available