CVE-2016-10366

Summary

Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.

Affected Software

VendorProductVersion RangeStatus
ElasticKibana4.3 to 4.6.2affected

Weaknesses

  • CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation

ADP Enrichment

CVE Program Container

Additional References

References