Config path visible in source code of Kibana

Hi team,

we are using kibana 7.7.1 and our security team has found that the config path /opt/kibana-7.7.1-linux-x86_64/ is visible when we do view source code on browser for kibana dashboard.

/opt/kibana-7.7.1-linux-x86_64/x-pack/plugins this path is also visible in the source code.

The remote web application discloses path information.
kindly let me know is this a vulnerability ? how can we disable this ?

Thanks for bringing it up! There is a fix in the works.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.