Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulnerability via the source field formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: elastic

Published: 2018-09-19T19:00:00

Updated: 2024-08-05T04:57:24.498Z

Reserved: 2018-01-02T00:00:00

Link: CVE-2018-3830

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2018-09-19T19:29:01.203

Modified: 2024-11-21T04:06:07.207

Link: CVE-2018-3830

cve-icon Redhat

Severity : Moderate

Publid Date: 2018-09-18T00:00:00Z

Links: CVE-2018-3830 - Bugzilla