An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary website.
[
{
"vendor": "Elastic",
"product": "Kibana",
"versions": [
{
"version": "All versions of Kibana before 7.13.0 and 6.8.16.",
"status": "affected"
}
]
}
]