CVE-2011-4778

Splunk - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPL-44614.

References (2)

[Vendor Advisory] http://www.splunk.com/view/SP-CAAAGMM

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1026451

Scores

EPSS 0.0026

EPSS Percentile 49.4%

Classification

CWE

CWE-79

Status published

Affected Products (6)

splunk/splunk

n/a/n/a

Timeline

Published Jan 03, 2012

Tracked Since Feb 18, 2026