VDB
CVE-2024-11390
CVE-2024-11390
PUBLISHED
CVSS 8.5 HIGH
Kibana Unrestricted Upload of File with Dangerous Type Can Lead to XSS
EPSS 0.27% · 50.4th percentile
Risk Scores
CVSS 4.0
8.5
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS Score
0.27%
50.4th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | elk | 8.4.0, 8.4.0, 7.17.6 |
| Bitnami | kibana | 7.17.6, 7.17.6, 8.4.0 |
| Bitnami | elk | 7.17.6, 8.4.0 |
Timeline
- May 1, 2025 CVE Published
- May 1, 2025 CVE Updated
- May 2, 2025 EPSS Score
- May 14, 2025 EPSS Score
- May 20, 2025 Coalition ESS Score
- May 26, 2025 EPSS Score
- Jun 6, 2025 EPSS Score
- Jun 18, 2025 EPSS Score
- Jun 30, 2025 EPSS Score
- Jul 12, 2025 EPSS Score
- Jul 24, 2025 EPSS Score
- Aug 5, 2025 EPSS Score