Bugtraq mailing list archives
CVE-2015-8131: Kibana CSRF vulnerability
From: Kevin Kluge <kevin () elastic co>
Date: Wed, 18 Nov 2015 14:40:41 -0800
Description: Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a CSRF attack. We have been assigned CVE 2015-8131for this issue. CVSS Score: 4.0 Remediation: We recommend that all Kibana users upgrade to either 4.1.3, 4.2.1, or a later version. Confirmation: We have published a vulnerability summary at https://www.elastic.co/community/security. We have also made a blog post about the issue and releases at https://www.elastic.co/blog/kibana-4-2-1-and-4-1-3.
Current thread:
- CVE-2015-8131: Kibana CSRF vulnerability Kevin Kluge (Nov 19)