3 matches found
CVE-2014-8301
Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...
CVE-2014-8301
Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...
CVE-2014-8301
CVE-2014-8301 is a cross-site scripting (XSS) vulnerability in Splunk Web of Splunk Enterprise 5.0.x prior to 5.0.10. The issue arises from improper handling/validation of the HTTP Referer header, allowing remote attackers to inject arbitrary web script or HTML into a user’s browser session. The ...