Vulnerabilities > Elastic > Kibana > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-11 | CVE-2022-23707 | Cross-site Scripting vulnerability in Elastic Kibana An XSS vulnerability was found in Kibana index patterns. | 3.5 |
| 2021-05-13 | CVE-2021-22136 | Insufficient Session Expiration vulnerability in Elastic Kibana In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout setting is not being respected. | 3.6 |
| 2020-06-03 | CVE-2020-7015 | Cross-site Scripting vulnerability in Elastic Kibana Kibana versions before 6.8.9 and 7.7.0 contains a stored XSS flaw in the TSVB visualization. | 3.5 |
| 2019-12-18 | CVE-2019-7621 | Cross-site Scripting vulnerability in Elastic Kibana Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting (XSS) flaw in the coordinate and region map visualizations. | 3.5 |
| 2019-10-01 | CVE-2019-7618 | Path Traversal vulnerability in Elastic Kibana 7.3.0/7.3.1/7.3.2 A local file disclosure flaw was found in Elastic Code versions 7.3.0, 7.3.1, and 7.3.2. | 3.5 |