CVE-2018-20698

CVE-2018-20698

EPSS 0.8%

The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://docs.search-guard.com/latest/changelog-kibana-6.x-16 https://github.com/floragunncom/search-guard-kibana-plugin/pull/140