Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.32 views

Kibana 5.0.0 < 5.6.1 Cross-Site Scripting

According to its self-reported version number, the Kibana application running on the remote host is 5.0.0 prior to 5.6.1. It is, therefore, affected by the following vulnerabilities: - A cross-site scripting XSS in Timelion that could allow an attacker to obtain sensitive information from or...

6.1CVSS6.2AI score0.01071EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 10:5 p.m.28 views

Security Bulletin:IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities (CVE-2016-1000220, CVE-2017-11479)

Summary IBM Security Guardium Big Data Intelligence SonarG has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-11479 DESCRIPTION: Elastic Kibana is vulnerable to cross-site scripting, caused by improper validation of user-supplied input in Timelion. A remote attacke...

6.1CVSS0.6AI score0.0115EPSS
Exploits0Affected Software1
CVE
CVE
added 2017/09/28 7:0 p.m.80 views

CVE-2017-11479

Kibana Timelion XSS (CVE-2017-11479) affects Kibana versions prior to 5.6.1. The vulnerability arises from improper validation in Timelion, allowing an attacker to execute script in a victim’s browser and, per sources, potentially obtain sensitive information or perform actions on behalf of other...

6.1CVSS5.9AI score0.01071EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2017/09/28 7:0 p.m.36 views

CVE-2017-11479

Kibana versions prior to 5.6.1 had a cross-site scripting XSS vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users...

6AI score0.01071EPSS
Exploits0References3
Rows per page
Query Builder