NOTE: You are looking at documentation for an older release. For the latest information, see the current release documentation.
Kibana 6.8.6
editKibana 6.8.6
editBug fix
edit- Maps
-
- Fixes a cross-site scripting (XSS) flaw in Coordinate and Region Map visualizations. An attacker could create a malicious visualization that executes JavaScript in a victim’s browser when the visualization, or dashboard containing the visualization, was viewed. Since Kibana 6.7.0, Content Security Policy (CSP), which prevents attackers from using this flaw, is enabled by default. However, an attacker can still inject arbitrary HTML into the page. See https://www.elastic.co/community/security/, CVE-2019-7621.
- Sanitizes attribution #52309