CVE-2012-1908

Splunk 4.0-4.3 - Cross-Site Scripting

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

http://www.splunk.com/view/SP-CAAAGTK#38585

Scores

EPSS 0.0026

EPSS Percentile 49.7%

Details

CWE

CWE-79

Status published

Products (27)

splunk/splunk 4.0

splunk/splunk 4.0.1

splunk/splunk 4.0.2

splunk/splunk 4.0.3

splunk/splunk 4.0.4

splunk/splunk 4.0.5

splunk/splunk 4.0.6

splunk/splunk 4.0.7

splunk/splunk 4.0.8

splunk/splunk 4.0.9

... and 17 more

Published Aug 17, 2012

Tracked Since Feb 18, 2026