CVE-2015-9056

Summary

Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack.

Affected Software

VendorProductVersion RangeStatus
ElasticKibanabefore 4.1.3 and 4.2.1affected

Weaknesses

  • CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation

ADP Enrichment

CVE Program Container

Additional References

References