CVE-2018-3818 - AskarLabs CVE Database

CVE-2018-3818

Vendor Elastic

Product Kibana

Weakness CWE-79 · XSS

Published March 30, 2018

Last update August 5, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Kibana versions 5.1.1 to 6.1.2 and 5.6.6 had a cross-site scripting (XSS) vulnerability via the colored fields formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

Key dates

02Disclosure timeline

March 30, 2018 CVE published

August 5, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-3818

Related vulnerabilities

04Related CVE

CVE-2022-37338 WordPress Blossom Recipe Maker plugin <= 1.0.7 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities CVE-2022-20669 Cisco Common Services Platform Collector Cross-Site Scripting Vulnerabilities CVE-2024-1541 Gutenberg Blocks by Kadence Blocks – Page Builder Features <= 3.2.23 - Authenticated (Contributor+) Stored Cross-Site Scripting CVE-2024-8776 INTUMIT SmartRobot - Cross-site Scripting CVE-2024-9320 SourceCodester Online Timesheet App Add Timesheet Form add-timesheet.php cross site scripting