CVE-2018-3830
published 2018-09-19CVE-2018-3830: Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulnerability via the source field formatter that could allow an attacker to obtain sensitive…
medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulnerability via the source field formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | — | — |
| elastic | kibana | 5.3.0 – 6.4.1 | — |
| redhat | openshift_container_platform | — | — |