Stored XSS Vulnerability in Kibana Region Map Visualization

Stored XSS Vulnerability in Kibana Region Map Visualization

CVE-2020-7017 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualization.

Learn more about our User Device Pen Test.