CVE-2016-10366

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-10366
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10366.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-10366
Published
2017-06-16T21:29:00.557Z
Modified
2025-11-20T10:27:30.663736Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
Summary
[none]
Details

Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.

References

Affected packages

Git / github.com/elastic/kibana

Affected ranges

Type
GIT
Repo
https://github.com/elastic/kibana
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
00d0f493b91e3215703b8c8a64ec09966216ed95
Last affected
07cb4d6aecddbc9dea1a26f55778b32edcef49df
Last affected
3ff0f9b07dbcf2f7552d204777ee426885886609
Last affected
57474ae1b8647bccc5057792af7ab3f962f7521f
Last affected
7b4ce2812bd987673911990a9be7ed09fccd6ef8
Last affected
85c0f729b12f6a6efe2003cbcc28aa1c271f9595
Last affected
addb28966a74b61791ceda352cd5b8b1200f2b2a
Last affected
b0ef773a465d0eb27d192ca77f881eba90ef93d5
Last affected
b8833210a21ca747879f7d93ad34afd3250f954f
Last affected
d6e412dc2fa54666bf6ceb54a197508a4bc70baf
Last affected
e32749e1fa442853975ce2abd5ac2fd88a2dcf58
Last affected
f40c28c2644639c34c2845c432c81be3c0c7955e
Last affected
f898fba4809593df9a66cc3d0778f6faae2566d5
Last affected
ff5cfc5d05a58e53f7acaa762428fa803318d31e

Affected versions

v4.*
v4.0.0
v4.0.0-beta1
v4.0.0-beta1.1
v4.0.0-beta2
v4.0.0-beta3
v4.0.0BETA1
v4.1.0
v4.2.0-beta1
v4.3.0
v4.6.0
v4.6.1

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-10366.json"