CVE-2024-35291

Cross-site scripting vulnerability exists in Splunk Config Explorer versions prior to 1.7.16. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product.
Configurations

No configuration.

History

21 Nov 2024, 09:20

Type Values Removed Values Added
References () https://jvn.jp/en/jp/JVN56781258/ - () https://jvn.jp/en/jp/JVN56781258/ -
References () https://splunkbase.splunk.com/app/4353 - () https://splunkbase.splunk.com/app/4353 -

28 Oct 2024, 20:35

Type Values Removed Values Added
CWE CWE-79
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 6.1

28 May 2024, 12:39

Type Values Removed Values Added
Summary
  • (es) La vulnerabilidad de cross site scripting existe en las versiones de Splunk Config Explorer anteriores a la 1.7.16. Si se explota esta vulnerabilidad, se puede ejecutar un script arbitrario en el navegador web del usuario que utiliza el producto.

27 May 2024, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-27 05:15

Updated : 2024-11-21 09:20


NVD link : CVE-2024-35291

Mitre link : CVE-2024-35291

CVE.ORG link : CVE-2024-35291


JSON object : View

Products Affected

No product.

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')