Elastic Elastic App Search — known CVE vulnerabilities
Every CVE whose affected-product data names Elastic Elastic App Search, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-22140 — CVSS 7.5 (high): Elastic App Search versions after 7.11.0 and before 7.12.0 contain an XML External Entity Injection issue (XXE) in the App Search web…
CVE-2020-7011 — CVSS 6.1 (medium): Elastic App Search versions before 7.7.0 contain a cross site scripting (XSS) flaw when displaying document URLs in the Reference UI. If…