CVE-2017-11479
EUVD-2017-309829.09.2017, 01:34
Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| elastic | kibana | 5.0.0 |
| elastic | kibana | 5.0.1 |
| elastic | kibana | 5.0.2 |
| elastic | kibana | 5.1.1 |
| elastic | kibana | 5.1.2 |
| elastic | kibana | 5.2.0 |
| elastic | kibana | 5.2.1 |
| elastic | kibana | 5.2.2 |
| elastic | kibana | 5.3.0 |
| elastic | kibana | 5.3.1 |
| elastic | kibana | 5.3.2 |
| elastic | kibana | 5.3.3 |
| elastic | kibana | 5.4.0 |
| elastic | kibana | 5.4.1 |
| elastic | kibana | 5.4.2 |
| elastic | kibana | 5.4.3 |
| elastic | kibana | 5.5.0 |
| elastic | kibana | 5.5.1 |
| elastic | kibana | 5.5.2 |
| elastic | kibana | 5.5.3 |
| elastic | kibana | 5.6.0 |
| elasticsearch | kibana | 5.1.0 |
𝑥
= Vulnerable software versions
References