CVE-2016-4856
N/A
N/A
Summary
Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Splunk Inc. | Splunk Enterprise | 6.3.x prior to 6.3.5 | affected |
| Splunk Inc. | Splunk Light | 6.3.x prior to 6.3.5 | affected |
Weaknesses
- Cross-site scripting
ADP Enrichment
CVE Program Container
Additional References
- https://www.splunk.com/view/SP-CAAAPN9
- https://jvn.jp/en/jp/JVN71462075/index.html
- http://www.securityfocus.com/bid/92990
References
- https://www.splunk.com/view/SP-CAAAPN9
- https://jvn.jp/en/jp/JVN71462075/index.html
- http://www.securityfocus.com/bid/92990
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.