CVE-2025-25017

Name of the Vulnerable Software and Affected Versions Kibana versions 5.3 through 8.7

Description Several cross-site scripting (XSS) issues have been disclosed by Elastic in Kibana. These issues could potentially allow for malicious code execution within the application. A search on Netlas.io using the dork 'http.unknown headers.key:"kbn name"' may identify potentially affected instances.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.