A cross-site scripting vulnerability（ CVE-2001-1199） was found in Elasticsearch:9200，I've never seen it before，so how to fix it, anybody helps?
What about upgrading your elasticsearch version? That's the way to go.
First of all questions: why do you use default port?
CVE-2001-1199 is a vulnerability in a system called Agora which is unrelated to Elasticsearch. Are you using Agora? If so, you need help from someone with Agora expertise. If not, your vulnerability scanner is buggy. Either way, I don't think this is the best place to get help.
FYI 7.9 is EOL and no longer supported, you need to upgrade as a matter of urgency.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.