Arbitrary Command Execution
Affecting kibana package, versions <5.3.13 || >=6.4.0 <6.4.3
kibana is an open source (Apache Licensed), browser-based analytics and search dashboard for Elasticsearch.
Affected versions of this package are vulnerable to Arbitrary Command Execution due to a file inclusion flaw in the Console plugin.
kibana to version 5.6.13, 6.4.3 or higher.