Medium severity6.1NVD Advisory· Published Jun 5, 2017· Updated May 13, 2026
CVE-2017-8439
CVE-2017-8439
Description
Kibana version 5.4.0 was affected by a Cross Site Scripting (XSS) bug in the Time Series Visual Builder. This bug could allow an attacker to obtain sensitive information from Kibana users.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- discuss.elastic.co/t/elastic-stack-5-4-1-and-5-3-3-security-updates/87952nvdMitigationVendor Advisory
- www.elastic.co/blog/kibana-5-4-1-and-5-3-3-releasednvdRelease NotesVendor Advisory
- www.elastic.co/community/securitynvdVendor Advisory
News mentions
0No linked articles in our index yet.