Kibana open redirect issue (ESA-2024-10).
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
Affected Versions:
Kibana Versions before 7.17.22 and before 8.14.0.
Solutions and Mitigations:
The issue is resolved in versions 7.17.22 and 8.14.0.
Severity: CVSSv3: 6.1(Medium) - AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CVE ID: CVE-2024-23442