Elastic: >> Kibana >> 7.17.28 Security Vulnerabilities
Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)
CVSS Score
8.7
EPSS Score
0.0
Published
2025-10-10
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Cross-Site Scripting (XSS)
CVSS Score
8.2
EPSS Score
0.0
Published
2025-10-10
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload.
CVSS Score
8.7
EPSS Score
0.0
Published
2025-10-07
URL redirection to an untrusted site ('Open Redirect') in Kibana can lead to sending a user to an arbitrary site and server-side request forgery via a specially crafted URL.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-06-25
Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a Synthetic monitor endpoint.
CVSS Score
7.6
EPSS Score
0.001
Published
2025-06-10