Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulnerability via the source field formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: elastic
Published: 2018-09-19T19:00:00
Updated: 2024-08-05T04:57:24.498Z
Reserved: 2018-01-02T00:00:00
Link: CVE-2018-3830
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-09-19T19:29:01.203
Modified: 2024-11-21T04:06:07.207
Link: CVE-2018-3830
Redhat