Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104.
References
Link | Resource |
---|---|
https://www.splunk.com/view/SP-CAAAPYC | Vendor Advisory |
https://www.splunk.com/view/SP-CAAAPYC | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 03:09
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.splunk.com/view/SP-CAAAPYCÂ - Vendor Advisory |
Information
Published : 2017-08-05 21:29
Updated : 2024-11-21 03:09
NVD link : CVE-2017-12572
Mitre link : CVE-2017-12572
CVE.ORG link : CVE-2017-12572
JSON object : View
Products Affected
splunk
- splunk
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')