Medium severity6.1NVD Advisory· Published Jun 16, 2017· Updated May 13, 2026
CVE-2016-10366
CVE-2016-10366
Description
Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.
Affected products
154.3 to 4.6.2+ 14 more
- (no CPE)range: 4.3 to 4.6.2
- cpe:2.3:a:elastic:kibana:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:elastic:kibana:4.5.4:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- www.elastic.co/community/securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.