CVE-2022-23713 - AskarLabs CVE Database

CVE-2022-23713

Vendor Elastic

Product kibana

Weakness CWE-79 · XSS

Published July 6, 2022

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A cross-site-scripting (XSS) vulnerability was discovered in the Vega Charts Kibana integration which could allow arbitrary JavaScript to be executed in a victim’s browser.

Key dates

02Disclosure timeline

July 6, 2022 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-23713 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/79.html

Related vulnerabilities

04Related CVE

CVE-2025-9203 Media Player Addons for Elementor <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widget Fields CVE-2022-0399 Advanced Product Labels for WooCommerce < 1.2.3.7 - Reflected Cross-Site Scripting CVE-2023-48449 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79) CVE-2024-2188 Cross-Site Scripting vulnerability in TP-Link Archer AX50 CVE-2025-22743 WordPress Twitter Bootstrap Collapse aka Accordian Shortcode plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability