Vulnerabilities > Elasticsearch > Kibana > 2.2.2

DATE CVE VULNERABILITY TITLE RISK
2020-07-27 CVE-2020-7017 Cross-site Scripting vulnerability in multiple products
In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw.
network
high complexity
elasticsearch oracle CWE-79
6.7
2020-07-27 CVE-2020-7016 Resource Exhaustion vulnerability in multiple products
Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion.
network
high complexity
elasticsearch oracle CWE-400
4.8