CVE-2016-10366by Jeremyin Security Bulletinson Posted on June 16, 2017 Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack.