Cross site scripting

2014-10-1001:55:00

PRIOn knowledge base

www.prio-n.com

5.6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

30.0%

JSON

Cross-site scripting (XSS) vulnerability in the auto-complete feature in Splunk Enterprise before 6.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a CSV file.

CPENameOperatorVersion
splunkeq6.0.2
splunkle6.0.3
splunkeq6.0.0
splunkeq6.0.1

Name	Operator	Version
splunk	eq	6.0.2
splunk	le	6.0.3
splunk	eq	6.0.0
splunk	eq	6.0.1

References

securitytracker.com/id?1030800

www.splunk.com/view/SP-CAAAMSH