5 matches found
EUVD-2014-8217
Malware in sbrugna...
CVE-2014-8380
Cross-site scripting XSS vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression...
Cross site scripting
Cross-site scripting XSS vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression...
CVE-2014-8380
The CVE-2014-8380 is an XSS vulnerability in Splunk 6.1.1 where the Referer header in a 404 response is not properly sanitized, enabling remote attackers to inject arbitrary script/HTML in the victim’s browser. Multiple connected sources (OpenVAS, Tenable, CVE listings) corroborate this as a Refe...
CVE-2010-2429
CVE-2010-2429 affects Splunk Web 4.0–4.1.2, where an XSS exists in how the HTTP Referer is reflected in 404 Not Found responses (notably when used in Internet Explorer). The root cause is improper sanitization of the Referer header, allowing remote attackers to inject arbitrary script/HTML into a...