CVE-2022-23713
- Source
- https://cve.org/CVERecord?id=CVE-2022-23713
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23713.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2022-23713
- Published
- 2022-07-06T14:15:18.393Z
- Modified
- 2026-02-10T04:37:50.735729Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
A cross-site-scripting (XSS) vulnerability was discovered in the Vega Charts Kibana integration which could allow arbitrary JavaScript to be executed in a victim’s browser.
- References
Affected packages
Git / github.com/elastic/elasticsearch
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23713.json"
vanir_signatures
[
{
"id": "CVE-2022-23713-1c36b99b",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"149814603545127373302241261762155561703",
"165673305490496353342110748261755235067",
"112668016141376206600979800622781882657",
"50121618688675243675519188844361970627"
]
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"file": "server/src/internalClusterTest/java/org/elasticsearch/indices/TestSystemIndexDescriptor.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-1c8c745a",
"signature_type": "Function",
"digest": {
"function_hash": "263135448464433112369944711415772447672",
"length": 143.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "getSystemIndexDescriptors",
"file": "modules/reindex/src/internalClusterTest/java/org/elasticsearch/migration/AbstractFeatureMigrationIntegTest.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-1ca59a69",
"signature_type": "Function",
"digest": {
"function_hash": "198678098717961691442136271576079170304",
"length": 1085.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "build",
"file": "server/src/main/java/org/elasticsearch/upgrades/SystemIndexMigrationInfo.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-1cdc400d",
"signature_type": "Function",
"digest": {
"function_hash": "156999652117860299162320234312776695235",
"length": 289.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "build",
"file": "server/src/main/java/org/elasticsearch/indices/SystemIndexDescriptor.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-2e56fa52",
"signature_type": "Function",
"digest": {
"function_hash": "111134404517084083039516290202730858943",
"length": 2218.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "migrateSingleIndex",
"file": "server/src/main/java/org/elasticsearch/upgrades/SystemIndexMigrator.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-34e88bae",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"58378641542598640610571635711872050491",
"317635002179089721975016940541892344464",
"97757737670552530560400438918249267982"
]
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"file": "server/src/main/java/org/elasticsearch/cluster/metadata/IndexTemplateMetadata.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-3f8f7b07",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"44010735577851250729002288832568735470",
"978624701654085015472038205965902129",
"108053677099037130440985214853153447069",
"101323164699681000573057990115660094327",
"233288177004547654858022728790275158855",
"307165077176802228213691918282312330140",
"170697083239845793385489466566277953358",
"64921085746118151892341493220305425273",
"255137566639305320657803723460887927267",
"45486096464111182020462631392986832032"
]
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"file": "server/src/main/java/org/elasticsearch/upgrades/SystemIndexMigrator.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-6dad5359",
"signature_type": "Function",
"digest": {
"function_hash": "256448469821178801588261603884818063829",
"length": 5570.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "SystemIndexDescriptor",
"file": "server/src/main/java/org/elasticsearch/indices/SystemIndexDescriptor.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-78fa3bf2",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"150614884027524669973714268643789896456",
"255613349146874729635256936686269619742",
"178363337353523142956710470470235550771",
"129874911847274260498425154030056702623",
"315785541064634256872474360665132913937",
"292906179830866028719177943195521792999",
"329497775857446459941137236514708380321",
"95362731486026124455461093086928165109",
"93550843768173749135293354284873350245",
"125741074127586703372733020053505136736",
"289172966557487721044168245697621703405",
"143319521647931302934576153295855009112",
"273947284294828266335208680158151261346",
"252930739314718132449290680361568587495",
"172834825410188922032610623471745956808",
"285508234549701132046111135932176093100",
"87190483513321421251245686340974039938",
"241162287661490900003476402674321157676",
"172248308855956622380642361420313460301"
]
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"file": "server/src/main/java/org/elasticsearch/upgrades/SystemIndexMigrationInfo.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-88b6b4de",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"322183188381008469761983526144249718860",
"159131301264155707345234223706965773313",
"238802676407930582027154817526219998563",
"318748504148028370740218288928670668607",
"165673305490496353342110748261755235067",
"112668016141376206600979800622781882657",
"50121618688675243675519188844361970627",
"8608918115355112020102425788602773942",
"112696277655238966840842804034030780357",
"112668016141376206600979800622781882657",
"50121618688675243675519188844361970627",
"218597560902914728680335510432082487052",
"228172174665080788486201287178417856535",
"228473600057949389214671646393440141502",
"320372111195608017629557234196151239396",
"314671863873101942222401523217409616628",
"216925030578614122557337724903261689216",
"231415765520942821079831652675092748516",
"249220949787105013516450060840402032090",
"259443372767452533145926595658355332461",
"290515831843094020243206058756638737707",
"116706842596986974198430445777550676423",
"254581859628241810206174588969535381019",
"298316879022226173891560927062410757144",
"322396827554573730412587672092505683709",
"31468005201522249883359504439577543760",
"136960132379488079098536522548418858080",
"101749846700991679637003691808725614494",
"144735303943842036409572931195381632566",
"174830034705614953589952320109623389458",
"301763086646748352789306841944003325818",
"21018488993272091052383679387252048863",
"172981582905593700939857325105773853297",
"108114807299012041190124766476780754290",
"58788655986702735363685435628125378795",
"109454638629857271969309984529907398944",
"74534154243253103097809564003476918219"
]
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"file": "server/src/main/java/org/elasticsearch/indices/SystemIndexDescriptor.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-920f98cb",
"signature_type": "Function",
"digest": {
"function_hash": "309719903833372232047170127494164686538",
"length": 259.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "SystemIndexDescriptor",
"file": "server/src/main/java/org/elasticsearch/indices/SystemIndexDescriptor.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-9c1569b5",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"22863144854955973860986400718070828594",
"104924485180368913266767908965883469480",
"180990245836952275023355652570129949754",
"114293508625806482197691690602682717549",
"192606539441712091946421998460174004546",
"254089388594500808910615699499218104931",
"69170609255741006641590287383033518509",
"978624701654085015472038205965902129",
"18408873402403400867143443707693548311",
"163460974465918818305285776007016634676",
"304534591852561042851367581801584513142",
"155712849895923429870719504560659614535",
"134825945929124988149081217657978380466",
"188718391911051373723949901031241611942",
"69514304887820629636650577333462116619",
"259334400513967239200591745449913142417"
]
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"file": "modules/reindex/src/internalClusterTest/java/org/elasticsearch/migration/FeatureMigrationIT.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-a5e8da17",
"signature_type": "Function",
"digest": {
"function_hash": "240463122843739079330925596676731802115",
"length": 260.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "SystemIndexDescriptor",
"file": "server/src/main/java/org/elasticsearch/indices/SystemIndexDescriptor.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-b5c0456b",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"74960588878386211899653146645416911242",
"184715649005158789041882910437161825952",
"106630189770343587924051342996476420967",
"318524748641065319268298621173338390126",
"224132333823847357033932306728442632596",
"325629051217144575010839388274540441648",
"299249610447266319959891036912065027882"
]
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"file": "modules/reindex/src/internalClusterTest/java/org/elasticsearch/migration/AbstractFeatureMigrationIntegTest.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-bfc83829",
"signature_type": "Function",
"digest": {
"function_hash": "91427547403676364240606431145565843338",
"length": 273.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "SystemIndexMigrationInfo",
"file": "server/src/main/java/org/elasticsearch/upgrades/SystemIndexMigrationInfo.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-c5acd6a2",
"signature_type": "Function",
"digest": {
"function_hash": "104000866608604851758222023620657941269",
"length": 281.0
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"function": "TestSystemIndexDescriptor",
"file": "server/src/internalClusterTest/java/org/elasticsearch/indices/TestSystemIndexDescriptor.java"
},
"deprecated": false
},
{
"id": "CVE-2022-23713-e8359635",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"29559779943003872363765177069344822568",
"10307524878464252266523854853665523890",
"315018850304309537488644287075348620565",
"47873166486602871123891734332588908904"
]
},
"signature_version": "v1",
"source": "https://github.com/elastic/elasticsearch/commit/8d61b4f7ddf931f219e3745f295ed2bbc50c8e84",
"target": {
"file": "modules/kibana/src/main/java/org/elasticsearch/kibana/KibanaPlugin.java"
},
"deprecated": false
}
]