Cross-site scripting (XSS) vulnerability in kibana - CVE-2019-7608 (rpm)ID: oval:org.secpod.oval:def:58405 | Date: (C)2019-10-11 (M)2021-06-02 |
Class: VULNERABILITY | Family: unix |
The host is installed with kibana before 5.6.15 or 6.x before 6.6.1 and is prone to a cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to handle a issue in unspecified vectors. Successful exploitation allows attackers to obtain sensitive information from or perform destructive actions on behalf of other kibana users.