CVE-2023-40592

CVSS V2 None CVSS V3 None
Description
In Splunk Enterprise versions below 9.1.1, 9.0.6, and 8.2.12, an attacker can craft a special web request that can result in reflected cross-site scripting (XSS) on the “/app/search/table” web endpoint. Exploitation of this vulnerability can lead to the execution of arbitrary commands on the Splunk platform instance.
Overview
  • CVE ID
  • CVE-2023-40592
  • Assigner
  • Splunk
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-08-30T16:19:38.525Z
  • Last Modified Date
  • 2024-04-10T00:53:10.840Z
History
Created Old Value New Value Data Type Notes
2024-06-25 02:41:49 Added to TrackCVE