Kibana: Open Redirect and SSRF Vulnerability

In Kibana versions up to and including 7.17.28, 8.0.0 up to and including 8.17.7, 8.18.0 up to and including 8.18.2 and 9.0.0 up to and including 9.0.2 a medium severity vulnerability CVE-2025-25012 was detected. This vulnerability allows attackers to redirect users to untrusted sites and potentially perform server-side request forgery (SSRF) via specially crafted URLs. To address this issue, users should upgrade Kibana to versions 7.17.29, 8.17.8, 8.18.3 or 9.0.3. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-25012.