CVSS: 4.3EPSS: 0%CPEs: 16EXPL: 0CVE-2010-2429
https://notcve.org/view.php?id=CVE-2010-2429
Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used, allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not Found" response. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Splunk v4.0 hasta v4.1.2, cuando Internet Explorer es usado, permite a atacantes remotos inyectar código web o HTML de su elección a través del HTML Referer en una respuesta "404 Not Found". • http://secunia.com/advisories/40187 http://www.osvdb.org/65623 http://www.splunk.com/view/SP-CAAAFHY https://exchange.xforce.ibmcloud.com/vulnerabilities/59517 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •