Description
Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website.
Remediation
References
https://www.elastic.co/community/security
Related Vulnerabilities
CVE-2020-2295 Vulnerability in maven package org.jkva.maven-plugins:cascading-release-maven-plugin
CVE-2023-2631 Vulnerability in maven package org.jenkins-ci.plugins:codedx
CVE-2023-50728 Vulnerability in npm package @octokit/app
CVE-2023-49803 Vulnerability in npm package @koa/cors
CVE-2014-0096 Vulnerability in maven package org.apache.tomcat:catalina