A cross-site-scripting (XSS) vulnerability was discovered in the Vega Charts Kibana integration which could allow arbitrary JavaScript to be executed in a victim’s browser. https://discuss.elastic.co/t/elastic-8-3-1-8-3-0-and-7-17-5-security-update/308613
Created puppet-kibana3 tracking bugs for this issue: Affects: openstack-rdo [bug 2176293]