CVE-2018-1000029
ELSA (Enterprise Log Search and Archive) v1205 and earlier is vulnerable to XSS in the index view (/) due to allocated payloads via the type, name, and value parameters of /Query/set_preference and the name/value parameters of /Query/preference. The root cause is a cross-site scripting flaw that ...