Need info regarding Kibana Timelion Remote Code Execution issue (ESA-2019-02)

Hi,

I'm evaluating the Kibana Timelion Remote Code Execution issue (ESA-2019-02) CVE from:

I'd really appreciate if somebody could point out to the GitHub patch for this fix.

Thanks.

The PR for fixing this is here: https://github.com/elastic/kibana/pull/28834

Thanks @nickpeihl for your support on this.
Just to confirm, from what you say, ESA-2019-01 and ESA-2019-02 are both the same pull 28834?
Thanks

@fragatina It appears to be the same PR for both. But you can email security@elastic.co for more info.

Thanks @nikpeihl for your help on this.

Hi, I am looking for the patch that's fixing the ESA-2019-01 XSSvulnerability. So Can we confirm that both ESA-2019-01 and ESA-2019-02 have the same PR's and Patches. Thanks in advance for the help

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.