Medium severity6.1NVD Advisory· Published Jun 16, 2017· Updated Jun 17, 2026
CVE-2016-10366
CVE-2016-10366
Description
Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16cpe:2.3:a:elastic:kibana:4.3.0:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:elastic:kibana:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.6.1:*:*:*:*:*:*:*
- (no CPE)range: >=4.3 and <4.6.2
- (no CPE)range: 4.3 to 4.6.2
Patches
Vulnerability mechanics
References
1- www.elastic.co/community/securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.