Lucene search
ElasticCVELIST:CVE-2022-23710HistoryMar 03, 2022 - 9:51 p.m.
CVE-2022-23710
2022-03-0321:51:43
CWE-79
elastic
www.cve.org
0.001 Low
EPSS
Percentile
33.6%
A cross-site-scripting (XSS) vulnerability was discovered in the Data Preview Pane (previously known as Index Pattern Preview Pane) which could allow arbitrary JavaScript to be executed in a victim’s browser.
CNA Affected
[
{
"product": "kibana",
"vendor": "Elastic",
"versions": [
{
"status": "affected",
"version": "For self-managed deployments the issue impacts versions 7.15.0, 7.15.1, and 7.15.2\nFor Elastic Cloud Services the issue impacts versions 7.15.0 through 7.17.0, and 8.0.0"
}
]
}
]Related
osv
osv
Withdrawn: Cross-site Scripting in Kibana
2022-03-04 00:00:15
CVE-2022-23710
2022-03-03 22:15:08
redhatcve
redhatcve
CVE-2022-23710
2022-03-21 16:34:24
cve
cve
CVE-2022-23710
2022-03-03 22:15:08
prion
prion
Cross site scripting
2022-03-03 22:15:00
nvd
nvd
CVE-2022-23710
2022-03-03 22:15:08
github
github
Withdrawn: Cross-site Scripting in Kibana
2022-03-04 00:00:15
openvas
openvas
Elastic Kibana XSS Vulnerability (ESA-2022-04)
2022-03-04 00:00:00
nessus
nessus
Kibana 7.15.0 < 7.17.1 Multiple Vulnerabilities
2023-01-11 00:00:00