CVE-2019-7608 log
Source |
|
Severity | High |
Remote | Yes |
Type | Information disclosure |
Description | Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from, or perform destructive actions on behalf of, other Kibana users. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-911 | kibana | 6.6.0-2 | 6.6.1-1 | High | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
25 Feb 2019 | ASA-201902-26 | AVG-911 | kibana | High | multiple issues |
References |
---|
https://discuss.elastic.co/t/elastic-stack-6-6-1-and-5-6-15-security-update/169077 |