Description
With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.
Remediation
References
https://www.elastic.co/community/security
Related Vulnerabilities
CVE-2019-16564 Vulnerability in maven package com.paul8620.jenkins.plugins:pipeline-aggregator-view
CVE-2019-1003072 Vulnerability in maven package org.jenkins-ci.plugins:wildfly-deployer
CVE-2023-50720 Vulnerability in maven package org.xwiki.platform:xwiki-platform-search-solr-api
CVE-2013-1921 Vulnerability in maven package org.picketbox:jbosssx
CVE-2012-1154 Vulnerability in maven package org.jboss.native:mod-cluster