With X-Pack installed, Kibana versions before 5.3.1 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website.

Related CVEs

CVE-2017-8451

Key Information

GHSA ID

GHSA-r58v-fqqp-24p8

Published

May 13, 2022 1:14 AM

Last Modified

May 13, 2022 1:14 AM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: August 31, 2025 6:33 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.