exploitDog

GHSA-35rm-gh88-rf95

Опубликовано: 17 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.

Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.

Ссылки

EPSS

Процентиль: 53%

0.00304

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2016-4856

CVSS3: 4.8

nvd

больше 8 лет назад

Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.

EPSS

Процентиль: 53%

0.00304

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-79