Vulnerabilities > Elastic > Kibana > 6.8.10
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-18 | CVE-2021-22141 | Open Redirect vulnerability in Elastic Kibana An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. | 6.1 |
2022-11-18 | CVE-2021-37936 | Cross-site Scripting vulnerability in Elastic Kibana It was discovered that Kibana was not sanitizing document fields containing HTML snippets. | 5.4 |
2021-05-13 | CVE-2021-22136 | Insufficient Session Expiration vulnerability in Elastic Kibana In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout setting is not being respected. | 3.6 |
2021-05-13 | CVE-2021-22139 | Resource Exhaustion vulnerability in Elastic Kibana Kibana versions before 7.12.1 contain a denial of service vulnerability was found in the webhook actions due to a lack of timeout or a limit on the request size. | 4.0 |