3 matches found
CVE-2022-43569 Persistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise
In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts that can lead to persistent cross-site scripting XSS in the object name of a Data Model...
CVE-2022-43569
CVE-2022-43569 affects Splunk Enterprise versions prior to 8.1.12, 8.2.9, and 9.0.2. An authenticated user can inject and store arbitrary scripts resulting in persistent cross-site scripting (XSS) in the object name of a Data Model. Remediation per sources: upgrade to 8.1.12 or later, 8.2.9 or la...
Splunk Enterprise 8.1 < 8.1.12, 8.2.0 < 8.2.9, 9.0.0 < 9.0.2 (SVD-2022-1109)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2022-1109 advisory. - In Splunk Enterprise versions below 8.1.12, 8.2.9, and 9.0.2, an authenticated user can inject and store arbitrary scripts th...