Lucene search
Veracode Vulnerability DatabaseVERACODE:34200HistoryFeb 14, 2022 - 9:03 a.m.
Cross-site Scripting (XSS)
2022-02-1409:03:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
0.001 Low
EPSS
Percentile
22.7%
kibana is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the index pattern allowing an attacker to inject maliciously crafted script via the index pattern.
| CPE | Name | Operator | Version |
|---|---|---|---|
| kibana | le | 7.16.3 | |
| @elastic/elasticsearch | le | 7.16.0 | |
| kibana | le | 7.16.3 | |
| @elastic/elasticsearch | le | 7.16.0 |
Related
prion
prion
Cross site scripting
2022-02-11 18:15:00
osv
osv
CVE-2022-23707
2022-02-11 18:15:11
cve
cve
CVE-2022-23707
2022-02-11 18:15:11
nvd
nvd
CVE-2022-23707
2022-02-11 18:15:11
cvelist
cvelist
CVE-2022-23707
2022-02-11 17:40:27
redhatcve
redhatcve
CVE-2022-23707
2022-02-07 08:48:32
openvas
openvas
Elastic Kibana XSS Vulnerability (ESA-2022-01)
2022-02-09 00:00:00
nessus
nessus
Kibana 7.5.1 < 7.17.0 Cross-Site Scripting
2023-01-11 00:00:00