CVE-2020-7017 - AskarLabs CVE Database

CVE-2020-7017

Vendor Elastic

Product Kibana

Weakness CWE-79 · XSS

Published July 27, 2020

Last update August 4, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. An attacker who is able to edit or create a region map visualization could obtain sensitive information or perform destructive actions on behalf of Kibana users who view the region map visualization.

Key dates

02Disclosure timeline

July 27, 2020 CVE published

August 4, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2020-7017 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2026-27241 Adobe Experience Manager | Cross-site Scripting (Stored XSS) (CWE-79) CVE-2025-39516 WordPress Author WIP Progress Bar plugin <= 1.0 - Cross Site Scripting (XSS) Vulnerability CVE-2025-3019 Cross-site scripting vulnerabilities in KNIME Business Hub web pages CVE-2025-5757 code-projects Traffic Offense Reporting System save-reported.php cross site scripting CVE-2022-3002 Cross-site Scripting (XSS) - Stored in yetiforcecompany/yetiforcecrm