EUVD-2020-28154

Malware in sbrugna...

Cross-site Scripting (XSS)

kibana is susceptible to cross-site scripting XSS. The vulnerability allows a user with privilege to edit or create a region map visualization to inject malicious HTML script via region map visualization feature, leading to sensitive information leakage and perform malicious action on behalf of...

CVE-2020-7017

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map...

CVE-2020-7017

CVE-2020-7017 is a stored XSS in the Kibana region map visualization, affecting Kibana before 6.8.11 and 7.8.1. An attacker who can edit/create a region map could execute scripts in viewers’ browsers and potentially access or perform actions on behalf of Kibana users. Remediation in the public ad...

Elastic Stack 6.8.6 and 7.5.1 security update

Kibana XSS ESA-2019-17 Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting XSS flaw in the coordinate and region map visualizations. An attacker with the ability to create coordinate map visualizations could create a malicious visualization. If another Kibana user views that...