Show filters
218 Total Results
Displaying 191-200 of 218
Sort by:
Attacker Value
Unknown
CVE-2015-7604
Disclosure Date: September 29, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.6 and Splunk Light 6.2.x before 6.2.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2015-6515
Disclosure Date: August 18, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.2.x before 6.2.4, 6.1.x before 6.1.8, 6.0.x before 6.0.9, and 5.0.x before 5.0.13 and Splunk Light 6.2.x before 6.2.4 allows remote attackers to inject arbitrary web script or HTML via a header.
0
Attacker Value
Unknown
CVE-2015-6514
Disclosure Date: August 18, 2015 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Enterprise 6.2.x before 6.2.4 and Splunk Light 6.2.x before 6.2.4 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2014-5466
Disclosure Date: December 16, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.7, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
Attacker Value
Unknown
CVE-2014-8380
Disclosure Date: October 21, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Splunk 6.1.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer Header in a "404 Not Found" response. NOTE: this vulnerability might exist because of a CVE-2010-2429 regression.
0
Attacker Value
Unknown
CVE-2014-8303
Disclosure Date: October 16, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4 and 6.0.x before 6.0.6 allows remote attackers to inject arbitrary web script or HTML via vectors related to event parsing.
0
Attacker Value
Unknown
CVE-2014-8302
Disclosure Date: October 16, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.4, 6.0.x before 6.0.6, and 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via vectors related to dashboard.
0
Attacker Value
Unknown
CVE-2014-8301
Disclosure Date: October 16, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header.
0
Attacker Value
Unknown
CVE-2014-3147
Disclosure Date: October 10, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in the auto-complete feature in Splunk Enterprise before 6.0.4 allows remote authenticated users to inject arbitrary web script or HTML via a CSV file.
0
Attacker Value
Unknown
CVE-2014-5197
Disclosure Date: August 12, 2014 (last updated October 05, 2023)
Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd HTTP Server in Splunk Enterprise 6.1.x before 6.1.3 allows remote authenticated users to read arbitrary files via a .. (dot dot) in a URI, related to search ids.
0
