CVE-2015-8131

Cross-site request forgery (CSRF) vulnerability in Elasticsearch Kibana before 4.1.3 and 4.2.x before 4.2.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

Date published : 2015-12-07

http://www.securityfocus.com/archive/1/536935/100/0/threaded

https://www.elastic.co/community/security/