Splunk Unspecified Cross Site Scripting Vulnerability

Bugtraq ID:	52320
Class:	Input Validation Error
CVE:
Remote:	Yes
Local:	No
Published:	Mar 05 2012 12:00AM
Updated:	Mar 05 2012 12:00AM
Credit:	Soroush Dalili
Vulnerable:	Splunk Splunk 4.2.5 Splunk Splunk 4.1.6 Splunk Splunk 4.1.3 Splunk Splunk 4.1.2 Splunk Splunk 4.1.1 Splunk Splunk 4.0.11 Splunk Splunk 4.0.10 Splunk Splunk 4.0.9 Splunk Splunk 4.0.8 Splunk Splunk 4.0.7 Splunk Splunk 4.0.6 Splunk Splunk 4.0.5 Splunk Splunk 4.0.4 Splunk Splunk 4.0.3 Splunk Splunk 4.0.2 Splunk Splunk 4.0.1 Splunk Splunk 4.0 Splunk Splunk 4.3 Splunk Splunk 4.2.4 Splunk Splunk 4.2.3 Splunk Splunk 4.2.2 Splunk Splunk 4.2 Splunk Splunk 4.1.5 Splunk Splunk 4.1.4 Splunk Splunk 4.1 Splunk Splunk 4
Not Vulnerable:	Splunk Splunk 4.3.1

Splunk Unspecified Cross Site Scripting Vulnerability

Splunk is prone to an unspecified cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data.

An attacker may leverage this issue to execute arbitrary HTML and script code in an unsuspecting user's browser in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks.

Splunk versions 4.0 through 4.3 are vulnerable.

Splunk Unspecified Cross Site Scripting Vulnerability

To exploit this issue, an attacker must entice an unsuspecting user to follow a malicious URI.

Splunk Unspecified Cross Site Scripting Vulnerability

Solution:
Updates are available. Please see the references for details.

Splunk Unspecified Cross Site Scripting Vulnerability

References:

• Splunk 4.3.1 addresses one vulnerability (Splunk)
  
• Splunk Homepage (Splunk)