VYPR
Unrated severityNVD Advisory· Published Jun 3, 2020· Updated Aug 4, 2024

CVE-2020-7015

CVE-2020-7015

Description

Kibana versions before 6.8.9 and 7.7.0 contains a stored XSS flaw in the TSVB visualization. An attacker who is able to edit or create a TSVB visualization could allow the attacker to obtain sensitive information from, or perform destructive actions, on behalf of Kibana users who edit the TSVB visualization.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Elastic/Kibanallm-fuzzy2 versions
    >=6.0.0, <6.8.9 and >=7.0.0, <7.7.0+ 1 more
    • (no CPE)range: >=6.0.0, <6.8.9 and >=7.0.0, <7.7.0
    • (no CPE)range: before 6.8.9 and 7.7.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.