CVE-2024-45741 Persistent Cross-Site Scripting (XSS) via props.conf on Splunk Enterprise

In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" paramete...

CVE-2024-45740

CVE-2024-45740 affects Splunk Enterprise <9.2.3/9.1.6 and Splunk Cloud Platform

CVE-2024-36992 Persistent Cross-site Scripting (XSS) in Dashboard Elements

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in execution of unauthoriz...

support.software.dell.com Cross Site Scripting

Advisory: support.software.dell.com – Cross-Site Script Vulnerability XSS Advisory ID: 14062014 Author: Roberto Garcia @1gbDeInfo Affected Software: Successfully tested on support.software.dell.com Vendor URL: https://support.software.dell.com Vendor Status: informed and solved, but nobody told m...