{"id":"CVE-2022-38779","details":"An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.","modified":"2026-03-14T11:54:21.421333Z","published":"2023-02-22T00:15:11.213Z","references":[{"type":"ADVISORY","url":"https://discuss.elastic.co/t/kibana-7-17-9-and-8-6-2-security-update/325782"},{"type":"ADVISORY","url":"https://www.elastic.co/community/security"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/elastic/kibana","events":[{"introduced":"ee89fda8a17eff9c93f7400c102edf76cb4d7d8a"},{"fixed":"00b0b0440dbf6f8c542448473e020c99d352a0f5"},{"introduced":"57ca5e139a33dd2eed927ce98d8231a1f217cd15"},{"fixed":"aabd37e8a9069bed4f63b8c457a6829f4581ab97"}],"database_specific":{"versions":[{"introduced":"7.0.0"},{"fixed":"7.17.9"},{"introduced":"8.0.0"},{"fixed":"8.6.2"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-38779.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}