elasticsearch is vulnerable to information disclosure. The library does not properly filter the settings API, allowing a malicious user can pass a query to the _cluster/settings
API to gain access to sensitive configuration information like passwords, tokens or usernames.