Splunk Enterprise alerts alerts_id Server-Side Request Forgery
A sever-side request forgery vulnerability exists in the alerts web interface of Splunk Enterprise. The vulnerability is due to a lack of validation on the alertsid parameter in HTTP requests sent to the alerts page. A remote, unauthenticated attacker can exploit this vulnerability by enticing an...