Lucene search

Cross-Site Scripting (XSS)

🗓️ 13 Nov 2017 08:45:57Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 20 Views

kibana XSS vulnerability in `timechartFn` functio

Reporter	Title	Published	Views	Family All 9
Cvelist	CVE-2017-11479	28 Sep 201719:00	–	cvelist
CVE	CVE-2017-11479	29 Sep 201701:34	–	cve
NVD	CVE-2017-11479	29 Sep 201701:34	–	nvd
OpenVAS	Elastic Kibana <= 5.6.0 XSS Vulnerability	9 Oct 201700:00	–	openvas
Tenable Nessus	Kibana 5.0.0 < 5.6.1 Cross-Site Scripting	11 Jan 202300:00	–	nessus
OSV	CVE-2017-11479	29 Sep 201701:34	–	osv
Prion	Cross site scripting	29 Sep 201701:34	–	prion
RedhatCVE	CVE-2017-11479	11 Jan 201807:50	–	redhatcve
IBM Security Bulletins	Security Bulletin:IBM Security Guardium Big Data Intelligence (SonarG) is vulnerable to using Components with Known Vulnerabilities (CVE-2016-1000220, CVE-2017-11479)	16 Jun 201822:05	–	ibm

Vulners

Node

kibanaMatch5.1.1

kibanaRange≤5.6.0

Source	Link
github	www.github.com/elastic/kibana/commit/a664861a1d8ede4bb92a1acc81d2f7fc9932a8ba
github	www.github.com/elastic/kibana/pull/13892
discuss	www.discuss.elastic.co/t/x-pack-alerting-and-kibana-5-6-1-security-update/101884
openwall	www.openwall.com/lists/oss-security/2019/10/24/1
openwall	www.openwall.com/lists/oss-security/2019/10/29/3

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Nov 2017 08:57Current

6Medium risk

Vulners AI Score6

EPSS0.00118