CVE-2022-23707

EPSS 0.5%CWE-79

An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to create index patterns can inject malicious javascript into the index pattern which could execute against other users

Produtos afetados

Elastic · Kibana

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://discuss.elastic.co/t/kibana-7-17-0-security-update/296215