Количество 3
Количество 3
CVE-2023-40592
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance.
GHSA-8gcf-q856-6j97
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance.
BDU:2023-05246
Уязвимость веб-интерфейса Splunk Web платформы для операционного анализа Splunk Enterprise, позволяющая нарушителю проводить межсайтовые сценарные атаки
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-40592 In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance. | CVSS3: 8.4 | 0% Низкий | больше 2 лет назад |
| GHSA-8gcf-q856-6j97 In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance. | CVSS3: 8.4 | 0% Низкий | больше 2 лет назад |
 | BDU:2023-05246 Уязвимость веб-интерфейса Splunk Web платформы для операционного анализа Splunk Enterprise, позволяющая нарушителю проводить межсайтовые сценарные атаки | CVSS3: 8.4 | 0% Низкий | больше 2 лет назад |
Уязвимостей на страницу