Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2016-1000220 Vulnerability in npm package kibana

Description

Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers.

Remediation

References

http://www.securityfocus.com/bid/99179

https://www.elastic.co/community/security

Related Vulnerabilities

CVE-2013-2165 Vulnerability in maven package org.richfaces.core:richfaces-core-impl

CVE-2022-41879 Vulnerability in npm package parse-server

CVE-2019-10423 Vulnerability in maven package com.villagechief.codescan.jenkins:codescan

CVE-2018-20677 Vulnerability in maven package org.fujion.webjars:bootstrap

CVE-2023-40348 Vulnerability in maven package org.jenkins-ci.plugins:gogs-webhook

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Third Party Advisory VDB Entry Vendor Advisory