### [CVE-2021-22141](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22141)
![](https://img.shields.io/static/v1?label=Product&message=Kibana&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=All%20versions%20of%20Kibana%20before%207.13.0%20and%206.8.16.%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-601%3A%20URL%20Redirection%20to%20Untrusted%20Site&color=brightgreen)

### Description

An open redirect flaw was found in Kibana versions before 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary website.

### POC

#### Reference
- https://www.elastic.co/community/security/

#### Github
- https://github.com/20142995/nuclei-templates
- https://github.com/cyb3r-w0lf/nuclei-template-collection