CVE-2022-23707

Summary

An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to create index patterns can inject malicious javascript into the index pattern which could execute against other users

Affected Software

VendorProductVersion RangeStatus
ElasticKibana7.5.1 through 7.16.3affected

Weaknesses

  • CWE-79: CWE-79

ADP Enrichment

CVE Program Container

Additional References

References