NOTE: You are looking at documentation for an older release. For the latest information, see the current release documentation.
Kibana 6.8.10edit
Security updateedit
In Kibana 5.4.0 and later, TSVB visualizations contain a stored XSS flaw. Attackers that can edit and create TSVB visualizations can obtain sensitive information, or perform destructive actions, on behalf of the Kibana users who edit the TSVB visualization, CVE-2020-7015.
You must upgrade to 6.8.10. If you are unable to upgrade, set metrics.enabled:false in your kibana.yml file to disable TSVB.