Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Kibana Reporting plugin version 2.4.0 is vulnerable to a CSRF vulnerability that could allow an attacker to generate superfluous reports whenever an authenticated Kibana user navigates to a specially-crafted page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Elasticsearch Kibana Reporting插件跨站请求伪造漏洞
Vulnerability Description
Elasticsearch Kibana(前称elasticsearch-dashboard)是荷兰Elasticsearch公司的一套开源的、基于浏览器的分析和搜索Elasticsearch仪表板工具。Kibana Reporting是其中的一个报表生成插件。 Elasticsearch Kibana Reporting插件2.4.0版本中存在跨站请求伪造漏洞。远程攻击者可借助特制的页面利用该漏洞创建多余的报告。
CVSS Information
N/A
Vulnerability Type
N/A