1 Elasticsearch has a flaw in its default configuration which makes it possible for any webpage to execute arbitrary code on visitors with Elasticsear..
2 No user interaction required!
3 There is one target that isn’t mentioned in the documentation though: The Developer! When you’re developing an application that uses Elasticsearch, ..