Vulnerabilities > Elastic > Kibana > 7.12.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2022-23707 | Cross-site Scripting vulnerability in Elastic Kibana An XSS vulnerability was found in Kibana index patterns. | 3.5 |
| 2021-11-18 | CVE-2021-37938 | Path Traversal vulnerability in Elastic Kibana It was discovered that on Windows operating systems specifically, Kibana was not validating a user supplied path, which would load .pbf files. | 4.0 |
| 2021-11-18 | CVE-2021-37939 | Cleartext Transmission of Sensitive Information vulnerability in Elastic Kibana It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. | 4.0 |