CVE-2022-23707 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2022-23707 Interim 1 6 2025-02-16T03:10:05Z current 2022-02-09T02:43:43Z 2025-02-16T03:10:05Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2022-23707 An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to create index patterns can inject malicious javascript into the index pattern which could execute against other users The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings HPE Helion OpenStack 8 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 kibana kibana as a component of HPE Helion OpenStack 8 kibana as a component of SUSE OpenStack Cloud 8 kibana as a component of SUSE OpenStack Cloud 9 kibana as a component of SUSE OpenStack Cloud Crowbar 8 kibana as a component of SUSE OpenStack Cloud Crowbar 9 An XSS vulnerability was found in Kibana index patterns. Using this vulnerability, an authenticated user with permissions to create index patterns can inject malicious javascript into the index pattern which could execute against other users CVE-2022-23707 HPE Helion OpenStack 8:kibana SUSE OpenStack Cloud 8:kibana SUSE OpenStack Cloud 9:kibana SUSE OpenStack Cloud Crowbar 8:kibana SUSE OpenStack Cloud Crowbar 9:kibana important 3.5 AV:N/AC:M/Au:S/C:N/I:P/A:N 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N