CVE-2021-22142 log

Severity Medium
Remote Yes
Type Insufficient validation
Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protections to prevent this browser from rendering arbitrary content. All versions of Kibana after 7.0.0 and before 7.13.0 are affected.
Group Package Affected Fixed Severity Status Ticket
AVG-1570 kibana 7.10.2-1 Medium Unknown FS#70038