Vulnerabilities > Splunk > Splunk APP FOR Lookup File Editing

DATE CVE VULNERABILITY TITLE RISK
2023-06-01 CVE-2023-32714 Path Traversal vulnerability in Splunk and Splunk APP for Lookup File Editing
In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation directory.
network
low complexity
splunk CWE-22
8.1
2023-06-01 CVE-2023-32715 Cross-site Scripting vulnerability in Splunk APP for Lookup File Editing
In the Splunk App for Lookup File Editing versions below 4.0.1, a user can insert potentially malicious JavaScript code into the app, which causes that code to run on the user’s machine.
network
low complexity
splunk CWE-79
6.1