A cross-site scripting (XSS) flaw was found in Kibana. A remote attacker could use this flaw to inject arbitrary web script into pages served to other users.
This issue has been addressed in the following products:
Red Hat OpenShift Enterprise 3.2
Red Hat OpenShift Enterprise 3.1
Via RHSA-2016:1836 https://access.redhat.com/errata/RHSA-2016:1836