NVD

Id
86646  
Name
CVE-2017-8440  
Description
Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:P/A:N)  
Pub Date
2017-06-17  
Published
2017-06-05  
Modified Date
2017-06-13  
Seq
2017-8440  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
420458 86646 CVE-2016-4829 JVN#39594409  View
420459 86646 CVE-2016-4829 JVNDB-2016-000120  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
68435 JVNDB-2017-004692 Kibana の Discover ページにおけるクロスサイトスクリプティングの脆弱性 Kibana の Discover ページには、クロスサイトスクリプティングの脆弱性が存在します。 CVE-2017-8440 0 CVE-2017-8440 86646 4.3 6.1 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004692.html 2017-06-01 2017-07-05 View