CVE-2020-7017
published 2020-07-27CVE-2020-7017: In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map…
medium6.7CVSS 3.1
AVNACHPRLUIRSUCHIHAL
In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualization.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | — | — |
| elasticsearch | kibana | < 6.8.11 | 6.8.11 |
| elasticsearch | kibana | >= 7.0.0 < 7.8.1 | 7.8.1 |
| oracle | communications_billing_and_revenue_management | — | — |
| oracle | communications_cloud_native_core_network_function_cloud_native_environment | — | — |
| oracle | peoplesoft_enterprise_peopletools | — | — |