- Kibana Guide: other versions:
- Introduction
- Set Up Kibana
- Getting Started
- Discover
- Visualize
- Dashboard
- Timelion
- Canvas
- Graphing connections in your data
- Machine learning
- Maps
- Infrastructure
- Logs
- APM
- Uptime
- Dev Tools
- Monitoring
- Management
- Reporting from Kibana
- REST API
- Kibana Plugins
- Limitations
- Release Highlights
- Breaking changes
- Release notes
- Kibana 6.8.23
- Kibana 6.8.22
- Kibana 6.8.21
- Kibana 6.8.20
- Kibana 6.8.19
- Kibana 6.8.18
- Kibana 6.8.17
- Kibana 6.8.16
- Kibana 6.8.15
- Kibana 6.8.14
- Kibana 6.8.13
- Kibana 6.8.12
- Kibana 6.8.11
- Kibana 6.8.10
- Kibana 6.8.9
- Kibana 6.8.8
- Kibana 6.8.7
- Kibana 6.8.6
- Kibana 6.8.5
- Kibana 6.8.4
- Kibana 6.8.3
- Kibana 6.8.2
- Kibana 6.8.1
- Kibana 6.8.0
- Kibana 6.7.2
- Kibana 6.7.1
- Kibana 6.7.0
- Kibana 6.6.2
- Kibana 6.6.1
- Kibana 6.6.0
- Kibana 6.5.4
- Kibana 6.5.3
- Kibana 6.5.2
- Kibana 6.5.1
- Kibana 6.5.0
- Kibana 6.4.3
- Kibana 6.4.2
- Kibana 6.4.1
- Kibana 6.4.0
- Kibana 6.3.2
- Kibana 6.3.1
- Kibana 6.3.0
- Kibana 6.2.4
- Kibana 6.2.3
- Kibana 6.2.2
- Kibana 6.2.1
- Kibana 6.2.0
- Kibana 6.1.4
- Kibana 6.1.3
- Kibana 6.1.2
- Kibana 6.1.1
- Kibana 6.1.0
- Kibana 6.0.1
- Kibana 6.0.0
- Kibana 6.0.0-rc2
- Kibana 6.0.0-rc1
- Kibana 6.0.0-beta2
- Kibana 6.0.0-beta1
- Kibana 6.0.0-alpha2
- Kibana 6.0.0-alpha1
- Developer guide
NOTE: You are looking at documentation for an older release. For the latest information, see the current release documentation.
Kibana 6.8.10
editKibana 6.8.10
editSecurity update
editIn Kibana 5.4.0 and later, TSVB visualizations contain a stored XSS flaw. Attackers that can edit and create TSVB visualizations can obtain sensitive information, or perform destructive actions, on behalf of the Kibana users who edit the TSVB visualization, CVE-2020-7015.
You must upgrade to 6.8.10. If you are unable to upgrade, set metrics.enabled:false
in your kibana.yml file to disable TSVB.
On this page
Was this helpful?
Thank you for your feedback.