Primary

Context

Elastic Kibana Cross-Site Scripting Vulnerability via Integration Package Upload

Vulnerability

Patched

A cross-site scripting vulnerability has been identified in Elastic Kibana versions 7.x, 8.0.0 through 8.19.7, and 9.0.0 through 9.1.7, as well as 9.2.0 through 9.2.1. This vulnerability allows authenticated users to inject HTML into a user's browser by exploiting the integration package upload feature. The issue arises from improper input sanitization during web page generation, and it bypasses a previous security fix related to HTML injection.

Impact

Exploitation of this vulnerability allows for cross-site scripting, where injected HTML is rendered in the context of the user's browser, potentially leading to the execution of malicious scripts.

Remediation

Users can upgrade to Kibana versions 8.19.8, 9.1.8, or 9.2.2 to address this vulnerability. For those unable to upgrade, no workarounds are available.

Added: Dec 15, 2025, 11:17 AM

Updated: Dec 15, 2025, 7:03 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

1.7

exploitability

4.6

remediation

7.7

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

1.7

exploitability

4.6

remediation

7.7

relevance

1.5

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Elastic Kibana Cross-Site Scripting Vulnerability via Integration Package Upload

Vulnerability

Impact

Remediation

Affected Products

Elastic Kibana

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating