A critical security flaw, CVE-2024-37287, has been identified in Kibana, an open-source data visualization and exploration tool, which could allow attackers to execute arbitrary code via a prototype pollution vulnerability. Ref https://discuss.elastic.co/t/kibana-8-14-2-7-17-23-security-update-esa-2024-22/364424

Kibana arbitrary code execution via prototype pollution (ESA-2024-22)
- Post author:System
- Post published:17 August 2024
- Post category:Blog & News