Description
Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website.
Remediation
References
https://www.elastic.co/community/security
Related Vulnerabilities
CVE-2010-3718 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2023-31453 Vulnerability in maven package org.apache.inlong:manager-web
CVE-2019-10364 Vulnerability in maven package org.jenkins-ci.plugins:ec2
CVE-2021-3637 Vulnerability in maven package org.keycloak:keycloak-model-infinispan
CVE-2023-31058 Vulnerability in maven package org.apache.inlong:manager-common