CVE-2019-5727

Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9, 6.3.x before 6.3.12, 6.2.x before 6.2.14, 6.1.x before 6.1.14, and 6.0.x before 6.0.15 and Splunk Light before 6.6.0 has Persistent XSS, aka SPL-138827.
References
Link Resource
http://www.securityfocus.com/bid/107113 Third Party Advisory
https://www.splunk.com/view/SP-CAAAQAF Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:splunk:splunk:*:*:*:*:light:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:splunk:splunk:*:*:*:*:enterprise:*:*:*

History

No history.

Information

Published : 2019-02-21 01:29

Updated : 2023-12-10 12:44


NVD link : CVE-2019-5727

Mitre link : CVE-2019-5727

CVE.ORG link : CVE-2019-5727


JSON object : View

Products Affected

splunk

  • splunk
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')