With X-Pack installed, Kibana versions prior to 5.3.1 have an open redirect vulnerability on the login page that would enable an malicious user to craft a link that redirects to an arbitrary website.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
elastic kibana |