Vulnerability Database

Published: Jun 16, 2017
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2016-1000220" target="_blank" rel="noopener"> CVE-2016-1000220
Severity: Low
Exploit:

308,918

Total vulnerabilities in the database

Kibana before 4.5.4 and 4.1.11 are vulnerable to an XSS attack that would allow an attacker to execute arbitrary JavaScript in users' browsers.

CVSS v2:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
elastic / kibana	4.1.0	4.1.11
elastic / kibana	4.5.0	4.5.4

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.