Stored cross-site scripting vulnerability in Kibana - CVE-2020-7015 (MacOS)ID: oval:org.secpod.oval:def:67621 | Date: (C)2020-12-04 (M)2021-06-02 |
Class: VULNERABILITY | Family: macos |
The host is installed with Kibana before 6.8.10 or 7.x before 7.7.1 and is prone to a stored cross-site scripting vulnerability. A flaw is present in the application, which fails to properly handle an issue in TSVB visualization. Successful exploitation could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of Kibana users who edit the TSVB visualization.
Platform: |
Apple Mac OS 11 |
Apple Mac OS X 10.11 |
Apple Mac OS X 10.12 |
Apple Mac OS X 10.13 |
Apple Mac OS X 10.14 |
Apple Mac OS X 10.15 |