Persistent Cross Site Scripting (XSS) in Splunk Enterprise and Splunk Light versions before 6.5.2, 6.4.6, and 6.3.9 (SPL-134104)

Persistent Cross Site Scripting (XSS) in Splunk Enterprise and Splunk Light versions before 6.5.2, 6.4.6, and 6.3.9 (SPL-134104)

CVE-2017-12572 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Persistent Cross Site Scripting (XSS) exists in Splunk Enterprise 6.5.x before 6.5.2, 6.4.x before 6.4.6, and 6.3.x before 6.3.9 and Splunk Light before 6.5.2, with exploitation requiring administrative access, aka SPL-134104.

Learn more about our Web Application Penetration Testing UK.