Description
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
References (3)
Core 3
Core References
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/55774
Vendor Advisory x_refsource_confirm
http://www.splunk.com/view/SP-CAAAJCD
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1029385
Scores
EPSS
0.0032
EPSS Percentile
55.3%
Details
CWE
CWE-79
Status
published
Products (50)
splunk/splunk
2.1
splunk/splunk
2.2
splunk/splunk
2.2.1
splunk/splunk
2.2.3
splunk/splunk
2.2.6
splunk/splunk
3.0
splunk/splunk
3.0.1
splunk/splunk
3.0.2
splunk/splunk
3.1
splunk/splunk
3.1.1
... and 40 more
Published
Nov 25, 2013
Tracked Since
Feb 18, 2026