CVE-2025-68387 | Elastic Kibana up to 7.17.29/8.19.8/9.1.8/9.2.2 Vega AST Evaluator cross site scripting

A vulnerability was found in Elastic Kibana up to 7.17.29/8.19.8/9.1.8/9.2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Vega AST Evaluator. The manipulation leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-68387. The attack is possible to be carried out remotely. No exploit exists.

VulDB is the best source for vulnerability data and more expert information about this specific topic.VulDB Recent EntriesRead More