Vulnerabilities > Elastic > Kibana > 6.5.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-25 | CVE-2019-7609 | Code Injection vulnerability in multiple products Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. | 10.0 |
| 2019-03-25 | CVE-2019-7608 | Cross-site Scripting vulnerability in Elastic Kibana Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XSS) vulnerability that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 6.1 |