CVE-2015-6515

2022-10-0316:15:55

mitre

www.cve.org

splunk web

xss

vulnerability

remote attackers

arbitrary web script

html

5.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

46.0%

JSON

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header.

References

www.securitytracker.com/id/1032859

www.splunk.com/view/SP-CAAAN7C