CVE-2022-23710 - AskarLabs CVE Database

CVE-2022-23710

Vendor Elastic

Product kibana

Weakness CWE-79 · XSS

Published March 3, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A cross-site-scripting (XSS) vulnerability was discovered in the Data Preview Pane (previously known as Index Pattern Preview Pane) which could allow arbitrary JavaScript to be executed in a victim’s browser.

Key dates

02Disclosure timeline

March 3, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-23710 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2024-2280 Better Elementor Addons <= 1.4.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via widget links CVE-2025-39529 WordPress Scriptless Social Sharing plugin <= 3.3.0 - Cross Site Scripting (XSS) Vulnerability CVE-2026-3217 SAML SSO - Service Provider - Critical - Cross-site scripting - SA-CONTRIB-2026-018 CVE-2026-6808 Pricing Tables for WP <= 1.1.0 - Reflected Cross-Site Scripting via 'page' Parameter CVE-2021-32962 Claroty Secure Remote Access Site - Authentication Bypass Using an Alternate Path or Channel