Kibana XSS Vulnerability: Arbitrary JavaScript Execution in Browsers

CVE-2016-1000220 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers.

Learn more about our User Device Pen Test.