Red Hat Bugzilla – Bug 1533738
CVE-2017-8439 kibana: XSS in Time Series Visual Builder could allow an attacket to obtain sensitive user information
Last modified: 2018-01-12 00:35:39 EST
Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder. This bug could allow an attacker to obtain sensitive information from Kibana users. References: https://nvd.nist.gov/vuln/detail/CVE-2017-8439 https://discuss.elastic.co/t/elastic-stack-5-4-1-and-5-3-3-security-updates/87952