0.001 Low
EPSS
Percentile
50.0%
kibana is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary JavaScript through the Discovery page.
discuss.elastic.co/t/elastic-stack-5-4-1-and-5-3-3-security-updates/87952
github.com/elastic/kibana/pull/11770
www.elastic.co/blog/kibana-5-4-1-and-5-3-3-released
www.elastic.co/community/security