9 matches found
BIT-ELK-2025-25009 Kibana Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload...
CVE-2025-25009
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload...
CVE-2025-25009
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload...
CVE-2025-25009
CVE-2025-25009 affects Kibana components where improper neutralization of input during web page generation enables stored XSS via case file uploads. The vulnerability is documented across multiple feeds (NVD, CVE lists, OSV, Nessus) with correlated advisories indicating Kibana versions in use; th...
CVE-2025-25009 Kibana Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload...
CVE-2025-25009 Kibana Cross-Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload...
EUVD-2025-32867
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload...
Kibana 8.18.8, 8.19.5, 9.0.8, and 9.1.5 Security Update (ESA-2025-20)
Kibana Cross-Site Scripting XSS ESA-2025-20 Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload. Affected Versions: 7.x: All versions prior to and including 7.17.29 8.x: All versions from 8.0.0 up to and including 8.18.7 8.19.x: All...
PT-2025-40995
Name of the Vulnerable Software and Affected Versions Kibana affected versions not specified Description An issue exists in Kibana where improper neutralization of input during web page generation can lead to Stored Cross-Site Scripting XSS through case file uploads. The issue allows for the...