CVE-2019-5727

MEDIUM

Splunk Enterprise 6.0.0-6.5.4 & Splunk Light <6.6.0 - Stored XSS

Title source: llm
STIX 2.1

Description

Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827.

References (2)

Core 2
Core References
Third Party Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/107113
Vendor Advisory x_refsource_misc
https://www.splunk.com/view/SP-CAAAQAF

Scores

CVSS v3 5.4
EPSS 0.0022
EPSS Percentile 45.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Details

CWE
CWE-79
Status published
Products (2)
splunk/splunk < 6.6.0
splunk/splunk 6.0.0 - 6.0.15
Published Feb 21, 2019
Tracked Since Feb 18, 2026