Vulnerabilities > Elastic > Kibana > 5.6.16

DATE CVE VULNERABILITY TITLE RISK
2018-03-30 CVE-2018-3818 Cross-site Scripting vulnerability in Elastic Kibana
Kibana versions 5.1.1 to 6.1.2 and 5.6.6 had a cross-site scripting (XSS) vulnerability via the colored fields formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.
network
low complexity
elastic CWE-79
6.1
6.1