Description
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (3)
Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/59038
Patch, Vendor Advisory x_refsource_confirm
http://www.splunk.com/view/SP-CAAAHSQ
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1028371
Scores
EPSS
0.0036
EPSS Percentile
58.2%
Details
CWE
CWE-79
Status
published
Products (6)
splunk/splunk
4.3
splunk/splunk
4.3.1
splunk/splunk
4.3.2
splunk/splunk
4.3.3
splunk/splunk
4.3.4
splunk/splunk
4.3.5
Published
Apr 10, 2013
Tracked Since
Feb 18, 2026