Sign in Get started

← All advisories

Medium severity6.1NVD Advisory· Published Jun 16, 2017· Updated May 13, 2026

CVE-2016-1000220

CVE-2016-1000220

Description

Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers.

Affected products

1

Elastic/Kibana
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
Range: >=4.1.0,<4.1.11

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

2

www.securityfocus.com/bid/99179nvdThird Party AdvisoryVDB Entry
www.elastic.co/community/securitynvdVendor Advisory

News mentions

0

No linked articles in our index yet.