CVE-2015-8131: Kibana CSRF vulnerability Nov 18 2015 10:40PM
Kevin Kluge (kevin elastic co)

Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a CSRF attack.

We have been assigned CVE 2015-8131for this issue.

CVSS Score: 4.0


We recommend that all Kibana users upgrade to either 4.1.3, 4.2.1, or a later version.


We have published a vulnerability summary at

We have also made a blog post about the issue and releases at

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus