0.001 Low
EPSS
Percentile
40.5%
kibana is vulnerable to a cross-site scripting (XSS) attack. The library does not properly sanitize the source text field, allowing a malicious user to inject and execute arbitrary Javascript.
source
access.redhat.com/errata/RHSA-2018:3537
discuss.elastic.co/t/elastic-stack-6-4-1-and-5-6-12-security-update/149035
github.com/elastic/kibana/issues/22770
www.elastic.co/community/security