Vulnetix
Try Vulnetix Request Demo
CVE-2020-7015 PUBLISHED CVSS 5.400000095367432 MEDIUM

Kibana versions before 6.8.9 and 7.7.0 contains a stored XSS flaw in the TSVB visualization. An attacker who is able to edit or create a TSVB visualization could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of Kibana users who edit the TSVB visualization.

EPSS 0.30% · 53.3th percentile

Risk Scores

CVSS v3.1
5.400000095367432
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS Score
0.30%
53.3th percentile

Affected Products

VendorProductVersions
ElasticKibanabefore 6.8.9 and 7.7.0
elastickibana0, 7.0.0

Timeline

References

Open in Interactive Console →