FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

kibana4 -- CSRF vulnerability

Affected packages
4.0.0 <= kibana4 < 4.1.3
4.0.0 <= kibana41 < 4.1.3
4.2.0 <= kibana42 < 4.2.1

Details

VuXML ID fb2475c2-9125-11e5-bd18-002590263bf5
Discovery 2015-11-17
Entry 2015-11-22

Elastic reports:

Vulnerability Summary: Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a CSRF attack.

Remediation Summary: Users should upgrade to 4.1.3 or 4.2.1.

References

CVE Name CVE-2015-8131
URL https://www.elastic.co/community/security/