5 matches found
Security Bulletin:IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities (CVE-2016-1000220, CVE-2017-11479)
Summary IBM Security Guardium Big Data Intelligence SonarG has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-11479 DESCRIPTION: Elastic Kibana is vulnerable to cross-site scripting, caused by improper validation of user-supplied input in Timelion. A remote attacke...
CVE-2016-1000220
Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers...
CVE-2016-1000220
Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers...
CVE-2016-1000220
Elastic Kibana prior to 4.5.4 and 4.1.11 is vulnerable to cross-site scripting (XSS) due to improper validation of user-supplied input. A remote attacker could exploit this by delivering a specially crafted URL to execute arbitrary JavaScript in a victim’s browser, potentially stealing cookies or...
CVE-2016-1000220
A cross-site scripting XSS flaw was found in Kibana. A remote attacker could use this flaw to inject arbitrary web script into pages served to other users...