CVE-2025-20297 Reflected Cross-Site Scripting (XSS) on Splunk Enterprise through dashboard PDF generation component

In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 and 9.2.2406.118, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the pdfgen/render REST endpoint th...

CVE-2025-20297 Reflected Cross-Site Scripting (XSS) on Splunk Enterprise through dashboard PDF generation component

In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 and 9.2.2406.118, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the pdfgen/render REST endpoint th...

Splunk Cloud Platform和Splunk Enterprise 跨站脚本漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk, Inc. of the U.S. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A cross-site scripting vulnerability exists in...

Splunk Universal Forwarder 安全漏洞

Splunk Universal Forwarder is a Splunk component from Splunk, Inc. A security vulnerability exists in Splunk Universal Forwarder versions prior to 9.4.2, prior to 9.3.4, prior to 9.2.6, and prior to 9.1.9 that stems from improperly assigned installation directory permissions...

PT-2025-23542 · Splunk · Splunk Cloud Platform +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.4.2 Splunk Enterprise versions prior to 9.3.4 Splunk Enterprise versions prior to 9.2.6 Splunk Cloud Platform versions prior to 9.3.2411.102 Splunk Cloud Platform versions prior to 9.3.2408.111 Splunk Clo...

CVE-2021-3422

The lack of validation of a key-value field in the Splunk-to-Splunk protocol results in a denial-of-service in Splunk Enterprise instances configured to index Universal Forwarder traffic. The vulnerability impacts Splunk Enterprise versions before 7.3.9, 8.0 versions before 8.0.9, and 8.1 version...

CVE-2021-42743

A misconfiguration in the node default path allows for local privilege escalation from a lower privileged user to the Splunk user in Splunk Enterprise versions before 8.1.1 on Windows...

CVE-2014-8301

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header...

CVE-2014-8302

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard...

CVE-2017-7565

Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041...

CVE-2010-2504

Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066...

CVE-2015-6515

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header...

CVE-2012-1908

Cross-site scripting XSS vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors...

CVE-2010-2503

Multiple cross-site scripting XSS vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow remote attackers to inject arbitrary web script or HTML via 1 redirects, aka SPL-31067; 2 unspecified "user-user or user-admin" vectors, aka SPL-31084; or 3 unspecified "user input," aka...

CVE-2010-2502

Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow 1 remote attackers to read arbitrary files, aka SPL-31194; 2 remote authenticated users to modify arbitrary files, aka SPL-31063; or 3 have an unknown impact via redirects, aka SPL-31067...

CVE-2010-3322

The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity XXE attack to unknown vectors...

CVE-2014-5197

Directory traversal vulnerability in 1 Splunk Web or the 2 Splunkd HTTP Server in Splunk Enterprise 6.1.x before 6.1.3 allows remote authenticated users to read arbitrary files via a .. dot dot in a URI, related to search ids...

CVE-2014-5198

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header...

CVE-2019-10390

A sandbox bypass vulnerability in Jenkins Splunk Plugin 1.7.4 and earlier allowed attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM...

CVE-2015-7604

Cross-site scripting XSS vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and Splunk Light 6.2.x before 6.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...