Vulnerabilities > Splunk > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-16 | CVE-2014-8301 | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 5.0.x before 5.0.10 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header. | 4.3 |
| 2014-08-12 | CVE-2014-5198 | Cross-Site Scripting vulnerability in Splunk 6.1/6.1.1/6.1.2 Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk Enterprise 6.1.x before 6.1.3 allows remote attackers to inject arbitrary web script or HTML via the Referer HTTP header. | 4.3 |
| 2014-08-12 | CVE-2014-5197 | Path Traversal vulnerability in Splunk 6.1/6.1.1/6.1.2 Directory traversal vulnerability in (1) Splunk Web or the (2) Splunkd HTTP Server in Splunk Enterprise 6.1.x before 6.1.3 allows remote authenticated users to read arbitrary files via a .. | 4.0 |
| 2014-04-02 | CVE-2014-2578 | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk before 5.0.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2014-01-23 | CVE-2012-6447 | Cross-Site Scripting vulnerability in Splunk 5.0/5.0.1/5.0.2 Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 5.0.0 through 5.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-11-25 | CVE-2013-6870 | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2013-04-10 | CVE-2013-2766 | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2012-08-17 | CVE-2012-1908 | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.3 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |
| 2012-01-03 | CVE-2011-4778 | Cross-Site Scripting vulnerability in Splunk Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.2.x before 4.2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka SPL-44614. | 4.3 |
| 2012-01-03 | CVE-2011-4643 | Path Traversal vulnerability in Splunk Multiple directory traversal vulnerabilities in Splunk 4.x before 4.2.5 allow remote authenticated users to read arbitrary files via a .. | 4.0 |