The host is installed with Kibana before 6.8.11 or 7.x before 7.8.1 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in region map visualization. Successful exploitation could allow an attacker to obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualization.