Vulnerabilities > Elastic > Kibana > 5.3.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-16 | CVE-2017-8451 | Open Redirect vulnerability in Elastic Kibana With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website. | 6.1 |
| 2017-06-05 | CVE-2017-8440 | Cross-site Scripting vulnerability in Elastic Kibana Starting in version 5.3.0, Kibana had a cross-site scripting (XSS) vulnerability in the Discover page that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 6.1 |