The host is installed with Kibana before 6.8.2 or 7.x before 7.2.1 and is prone to a prototype pollution vulnerability. A flaw is present in the application, which fails to properly handle an issue in unspecified vectors. Successful exploitation could allow an attacker to cause cross-site-scripting (XSS), denial of service (DoS), or Remote Code Execution attack.