CVE-2011-4778

Splunk 4.2.x - Cross-Site Scripting

Title source: llm
STIX 2.1

Description

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPL-44614.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.splunk.com/view/SP-CAAAGMM
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1026451

Scores

EPSS 0.0026
EPSS Percentile 49.7%

Details

CWE
CWE-79
Status published
Products (5)
splunk/splunk 4.2
splunk/splunk 4.2.1
splunk/splunk 4.2.2
splunk/splunk 4.2.3
splunk/splunk 4.2.4
Published Jan 03, 2012
Tracked Since Feb 18, 2026