Page 6 of 30 results (0.010 seconds)

CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 0

Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.7, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Dashboard en Splunk Web en Splunk Enterprise 6.1.x anterior a 6.1.4, 6.0.x anterior a 6.0.7, y 5.0.x anterior a 5.0.10 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados. • http://www.splunk.com/view/SP-CAAANST • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header. Vulnerabilidad de XSS en Splunk Web en Splunk Enterprise 5.0.x anterior a 5.0.10 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de la cabecera HTTP Referer. • http://www.splunk.com/view/SP-CAAANHS • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 21EXPL: 0

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard. Vulnerabilidad de XSS en Splunk Web en Splunk Enterpirse 6.1.x anterior a 6.1.x anterior a 6.1.4, 6.0.x anterior a 6.0.6, y 5.0.x anterior a 5.0.10 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores relacionados con dashboard. • http://www.securitytracker.com/id/1030994 http://www.splunk.com/view/SP-CAAANHS • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 3.5EPSS: 0%CPEs: 4EXPL: 0

Cross-site scripting (XSS) vulnerability in the auto-complete feature in Splunk Enterprise before 6.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a CSV file. Vulnerabilidad de XSS en la caracteristica de autocompletado en Splunk Enterprise anterior a 6.0.4 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a través de un fichero CSV. • http://securitytracker.com/id?1030800 http://www.splunk.com/view/SP-CAAAMSH • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 0

Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk before 5.0.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de XSS en Splunk Web en Splunk anterior a 5.0.8 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través de vectores no especificados. • http://secunia.com/advisories/57554 http://www.securityfocus.com/bid/66453 http://www.securitytracker.com/id/1029966 http://www.splunk.com/view/SP-CAAAKQX https://exchange.xforce.ibmcloud.com/vulnerabilities/92126 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •