According to its self-reported version number, the Kibana application running on the remote host is prior to 7.14.1. It is, therefore, affected by :
A code execution vulnerability due to an older version of js-yaml (CVE-2021-22150)
An HTML Injection due to a lack of sanitization of document fields containing html snippets (CVE-2021-22151)
A Path Traversal through .pbf files (CVE-2021-37936)
Note that the scanner has not tested for these issues but has instead relied only on the application’s self-reported version number.
No source data