3 matches found
CVE-2023-32714
CVE-2023-32714 describes a path traversal vulnerability in the Splunk App for Lookup File Editing versions below 4.0.1 . A low-privileged user can send a specially crafted web request to trigger traversal and gain read/write access to restricted areas of the Splunk installation directory. Impact ...
CVE-2023-32715
CVE-2023-32715 affects Splunk App for Lookup File Editing versions before 4.0.1. The vulnerability is a reflected/Stored XSS scenario where a user can inject malicious JavaScript into the app, with the code executed in the victim’s browser. The underlying issue is that the app’s UI/output can be ...
CVE-2025-20233
CVE-2025-20233 concerns the Splunk App for Lookup File Editing (pre-4.0.5). A script uses Python’s chmod and makedirs in a way that yields overly broad read and execute permissions, causing improper access control for a low-privileged user. The provided documents do not specify a remediation. Mon...