Home
HIGH: 8.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:NDefault status
unaffected
7.0.0 (semver)
affected
8.0.0 (semver)
affected
8.19.0 (semver)
affected
9.0.0 (semver)
affected
9.1.0 (semver)
affected
Description
Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)
Problem types
CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Product status
7.0.0 (semver)
8.0.0 (semver)
8.19.0 (semver)
9.0.0 (semver)
9.1.0 (semver)
References
https/...19-5-9-0-8-9-1-5-security-update-esa-2025-17/382451
