I was looking at this update here: https://discuss.elastic.co/t/kibana-7-17-0-security-update/296215 and I saw that this vulnerability had low privileges. I'm assuming that with vulnerability in order to exploit you need to be an authenticated user with some privileges or no privileges?
@Raminda2
I am wondering which part of the kibana are compromised, CSP or xpack? How do you fix it
I have the same question here. Can we get more details on where the vulnerability is in the code and what the patch was? Thanks!