2 matches found
CVE-2014-5198
Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...
CVE-2014-5198
The CVE-2014-5198 entry concerns Splunk Enterprise 6.1.x prior to 6.1.3 where an XSS vulnerability exists in Splunk Web. The root cause is improper handling/validation of the Referer header, allowing remote attackers to inject arbitrary web script or HTML in the victim’s browser. Affected compone...