vulnerability
Splunk CVE-2024-36994: Persistent Cross-site Scripting (XSS) in Dashboard Elements
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:S/C:P/I:P/A:N) | Jul 1, 2024 | Apr 7, 2025 | Apr 22, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:S/C:P/I:P/A:N)
Published
Jul 1, 2024
Added
Apr 7, 2025
Modified
Apr 22, 2025
Description
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the “admin” or “power” Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user.The “ping” URL attribute and the “url” parameter do not properly validate user input. The attribute and parameter are not properly escaped, which could lead to the Stored Cross-site Scripting (XSS) exploit.
Solution
splunk-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.