Description
Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2019-17146 | Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. |
References
History
No history.
Status: PUBLISHED
Assigner: elastic
Published:
Updated: 2024-08-04T20:54:28.307Z
Reserved: 2019-02-07T00:00:00.000Z
Link: CVE-2019-7608
No data.
Status : Modified
Published: 2019-03-25T19:29:02.100
Modified: 2026-06-17T02:40:45.153
Link: CVE-2019-7608
OpenCVE Enrichment
No data.
Weaknesses
-
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
EUVD