Threat Encyclopedia

Cross-site Scripting, Denial of Service, Directory Traversal, and Privilege Gain Vulnerabilities for Splunk Enterprise

Description

Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 has Persistent XSS, aka SPL-138827. Other vulnerabilities include denial of service via crafted HTTP request, directory traversal vulnerability in Splunk Django App, and privilege gain vulnerbabilities.

Affected Products

Splunk Enterprise