10 matches found
CVE-2025-20382
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a views dashboard with a custom background using th...
CVE-2025-20382
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10, 10.0.2503.8, and 9.3.2411.120, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a views dashboard with a custom background using th...
Splunk Enterprise 9.2.0 < 9.2.10, 9.3.0 < 9.3.8, 9.4.0 < 9.4.6, 10.0 < 10.0.2 (SVD-2025-1201)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1201 advisory. - In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.10,...
CVE-2020-36864
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864 Nagios XI < 5.7.2 XSS via Dashboard Background Color Setting
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864 Nagios XI < 5.7.2 XSS via Dashboard Background Color Setting
Nagios XI versions prior to 5.7.2 are vulnerable to cross-site scripting XSS via the background color settings in Dashboards. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2020-36864
CVE-2020-36864 affects Nagios XI versions prior to 5.7.2. The vulnerability is a cross-site scripting (XSS) flaw in the Dashboard background color setting caused by insufficient validation/escaping of user input, allowing an attacker to inject and execute arbitrary script in a victim’s browser. A...
PT-2025-44547
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.7.2 Description Nagios XI versions prior to 5.7.2 are susceptible to cross-site scripting XSS through the background color settings within Dashboards. This is due to inadequate validation or escaping of...