4 matches found
Kibana 5.0.0 < 5.6.1 Cross-Site Scripting
According to its self-reported version number, the Kibana application running on the remote host is 5.0.0 prior to 5.6.1. It is, therefore, affected by the following vulnerabilities: - A cross-site scripting XSS in Timelion that could allow an attacker to obtain sensitive information from or...
Security Bulletin:IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities (CVE-2016-1000220, CVE-2017-11479)
Summary IBM Security Guardium Big Data Intelligence SonarG has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2017-11479 DESCRIPTION: Elastic Kibana is vulnerable to cross-site scripting, caused by improper validation of user-supplied input in Timelion. A remote attacke...
CVE-2017-11479
Kibana Timelion XSS (CVE-2017-11479) affects Kibana versions prior to 5.6.1. The vulnerability arises from improper validation in Timelion, allowing an attacker to execute script in a victim’s browser and, per sources, potentially obtain sensitive information or perform actions on behalf of other...
CVE-2017-11479
Kibana versions prior to 5.6.1 had a cross-site scripting XSS vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users...