Medium severity6.1OSV Advisory· Published Aug 23, 2024· Updated Apr 15, 2026
CVE-2024-43794
CVE-2024-43794
Description
OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters. A patch is available in 1.3.19 and 2.16.0 for this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21.0.0.0, 1.0.0.0-beta1, 1.0.0.0-rc1, …+ 1 more
- (no CPE)range: 1.0.0.0, 1.0.0.0-beta1, 1.0.0.0-rc1, …
- (no CPE)range: <=1.3.19, <=2.16.0
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.