0.001 Low
EPSS
Percentile
40.5%
Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulnerability via the source field formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
bugzilla.redhat.com/show_bug.cgi?id=1632450
www.cve.org/CVERecord?id=CVE-2018-3830 https://nvd.nist.gov/vuln/detail/CVE-2018-3830