URL Injection Vulnerability in floragunn Search Guard Plugin for Kibana

URL Injection Vulnerability in floragunn Search Guard Plugin for Kibana

CVE-2018-20698 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set.

Learn more about our Web Application Penetration Testing UK.