Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk before 5.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
http://secunia.com/advisories/55774
http://www.securitytracker.com/id/1029385
http://www.splunk.com/view/SP-CAAAJCD
Source: MITRE
Published: 2013-11-25
Updated: 2013-11-27
Type: CWE-79
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM