2 matches found
CVE-2023-32714
CVE-2023-32714 describes a path traversal vulnerability in the Splunk App for Lookup File Editing versions below 4.0.1 . A low-privileged user can send a specially crafted web request to trigger traversal and gain read/write access to restricted areas of the Splunk installation directory. Impact ...
CVE-2023-32715
CVE-2023-32715 affects Splunk App for Lookup File Editing versions before 4.0.1. The vulnerability is a reflected/Stored XSS scenario where a user can inject malicious JavaScript into the app, with the code executed in the victim’s browser. The underlying issue is that the app’s UI/output can be ...