CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2024-45741 – Persistent Cross-Site Scripting (XSS) via props.conf on Splunk Enterprise
https://notcve.org/view.php?id=CVE-2024-45741
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk roles could create a malicious payload through a custom configuration file that the "api.uri" parameter from the "/manager/search/apps/local" endpoint in Splunk Web calls. This could result in execution of unauthorized JavaScript code in the browser of a user. • https://advisory.splunk.com/advisories/SVD-2024-1011 https://research.splunk.com/application/d7b5aa71-157f-4359-9c34-e35752b1d0a2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2024-45740 – Persistent Cross-Site Scripting (XSS) through Scheduled Views on Splunk Enterprise
https://notcve.org/view.php?id=CVE-2024-45740
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user. • https://advisory.splunk.com/advisories/SVD-2024-1010 https://research.splunk.com/application/d4f55f7c-6518-4122-a197-951fe0f21b25 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •