Stored Cross-Site Scripting (XSS) through Path Traversal in Splunk Enterprise
Description
In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform versions below 10.2.2510.4, 10.1.2507.15, 10.0.2503.11, and 9.3.2411.123, a low-privileged user who does not hold the "admin" or "power" Splunk roles could craft a malicious payload when creating a View (Settings - User Interface - Views) at the /manager/launcher/data/ui/views/_new endpoint leading to a Stored Cross-Site Scripting (XSS) through a path traversal vulnerability. This could result in execution of unauthorized JavaScript code in the browser of a user.
The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The authenticated user should not be able to exploit the vulnerability at will.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4<9.3.2411.123 or <10.0.2503.11 or <10.1.2507.15 or <10.2.2510.4+ 1 more
- (no CPE)range: <9.3.2411.123 or <10.0.2503.11 or <10.1.2507.15 or <10.2.2510.4
- (no CPE)range: 10.2.2510
<9.3.9 or <9.4.9 or <10.0.3 or <10.2.0+ 1 more
- (no CPE)range: <9.3.9 or <9.4.9 or <10.0.3 or <10.2.0
- (no CPE)range: 10.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.