Every CVE whose affected-product data names Elasticsearch Kibana, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2020-7017 — CVSS 6.7 (medium): In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or…
CVE-2017-11479 — CVSS 6.1 (medium): Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an attacker to obtain sensitive…
CVE-2020-7016 — CVSS 4.8 (medium): Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. An attacker can construct a URL that when…