CVE-2022-38779 - AskarLabs CVE Database

CVE-2022-38779

Vendor Elastic

Product kibana

Weakness CWE-601 · Open redirect

Published February 21, 2023

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

Key dates

02Disclosure timeline

February 21, 2023 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-38779 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/601.html

Related vulnerabilities

04Related CVE

CVE-2021-32645 Open Redirect in tenancy CVE-2026-40332 Masa CMS open redirect via improper handling of scheme-relative URLs CVE-2025-57821 Basecamp's Google Sign-In for Rails allowed redirects to a malformed URL CVE-2025-61587 Weblate integration with Anubis can lead to Open Redirect via redir parameter CVE-2025-6552 java-aodeng Hope-Boot Login WebController.java doLogin redirect