VYPR
Unrated severityNVD Advisory· Published Jun 1, 2023· Updated Feb 28, 2025

Persistent Cross-Site Scripting (XSS) through a URL Validation Bypass within a Dashboard View

CVE-2023-32711

Description

In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, a Splunk dashboard view lets a low-privileged user exploit a vulnerability in the Bootstrap web framework (CVE-2019-8331) and build a stored cross-site scripting (XSS) payload.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Splunk/Splunk Enterprisellm-fuzzy2 versions
    <9.0.5, <8.2.11, <8.1.14+ 1 more
    • (no CPE)range: <9.0.5, <8.2.11, <8.1.14
    • (no CPE)range: 8.1

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.