CVE-2020-7017

MEDIUM Year: 2020
CVSS v3 Score
6.7
Medium
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-79
View all →

Vulnerability Description

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualization.

Related Vulnerabilities

CVE-2021-3811

MEDIUM
CVSS:6.7(Medium)

adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-792021

CVE-2021-3812

MEDIUM
CVSS:6.7(Medium)

adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-792021

CVE-2022-0612

MEDIUM
CVSS:6.7(Medium)

Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.

CWE-792022

CVE-2022-2796

MEDIUM
CVSS:6.7(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.4.

CWE-792022

CVE-2022-2885

MEDIUM
CVSS:6.7(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.

CWE-792022

CVE-2022-4733

MEDIUM
CVSS:6.7(Medium)

Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.0.2.

CWE-792022