4.3
CVSSv2

CVE-2014-5466

Published: 16/12/2014 Updated: 17/12/2014
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk Web in Splunk Enterprise 6.1.x prior to 6.1.4, 6.0.x prior to 6.0.7, and 5.0.x prior to 5.0.10 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.
Vulnerable Product Search on Vulmon Subscribe to Product

splunk splunk 5.0.4

splunk splunk 5.0.2

splunk splunk 6.0.2

splunk splunk 6.0.4

splunk splunk 6.1.4

splunk splunk 5.0.9

splunk splunk 5.0.8

splunk splunk 5.0.7

splunk splunk 5.0.6

splunk splunk 6.0.6

splunk splunk 6.1

splunk splunk 6.1.1

splunk splunk 6.1.2

splunk splunk 5.0.1

splunk splunk 5.0

splunk splunk 6.0

splunk splunk 6.0.1

splunk splunk 5.0.5

splunk splunk 5.0.3

splunk splunk 6.0.3

splunk splunk 6.0.5

splunk splunk 6.1.3

Vendor Advisories

Table of Contents• Description • Affected Products and Components • Mitigation and Upgrades • Vulnerability Descriptions and Ratings • OpenSSL TLS protocol downgrade attack (SPL-88585, SPL-88587, SPL-88588, CVE-2014-3511) • Persistent cross-site scripting (XSS) in Dashboard (SPL-89216, CVE-2014-5466) • Persistent cross-site scripting ...
Table of Contents• Description • Affected Products and Components • Mitigation and Upgrades • Vulnerability Descriptions and Ratings • OpenSSL session ticket memory leak (SPL-91947, CVE-2014-3567) • TLS protocol enhancements related to POODLE (SPL-92062, CVE-2014-3566) • Persistent cross-site scripting (XSS) in Dashboard (SPL-89216, C ...