all InfoSec News logo
all InfoSec News - Your InfoSec news aggregator
Log in Sign up
all InfoSec News

Persistent Cross-site Scripting (XSS) in conf-web/settings REST endpointIn Sp...

Add to bookmarks
July 1, 2024, 4:57 p.m. |

CVE | THREATINT - NEW cve.threatint.com

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312, an admin user could store and execute arbitrary JavaScript code in the browser contex...

admin browser cloud cloud platform code cross-site enterprise javascript persistent platform rest scripting settings splunk splunk enterprise store web xss

Visit resource

More from cve.threatint.com / CVE | THREATINT - NEW

playSMS Template injectionA vulnerability was found in playSMS 1.4.3. It has ... 6 hours ago | cve.threatint.com
amp app file found +7
Red Lion Europe: mbNET.mini vulnerable to OS command injectionA high privileg... 6 hours ago | cve.threatint.com
attacker can command commands +8
Uncontrolled Resource Consumption vulnerability in MESbookUncontrolled Resour... 7 hours ago | cve.threatint.com
attacker can code inject +8
Information exposure vulnerability vulnerability in MESbookInformation exposu... 7 hours ago | cve.threatint.com
access api attacker changing +8
playSMS Template injectionA vulnerability was found in playSMS 1.4.3. It has ... 8 hours ago | cve.threatint.com
amp app file found +5
Limited DoS due to permitting creating users with user-defined IDsMattermost ... 10 hours ago | cve.threatint.com
attacker defined dos fail +2
RemoteClusterFrame payloads are audit logged in fullMattermost versions 9.5.x... 10 hours ago | cve.threatint.com
access attacker audit audit logs +7
Creating posts with user-defined IDs permitted in CreatePost APIMattermost ve... 10 hours ago | cve.threatint.com
attacker defined fail ids +3
Timing attack during remote cluster token comparison when shared channels are... 10 hours ago | cve.threatint.com
attack cluster fail mattermost +4

Jobs in InfoSec / Cybersecurity

Find Talent

Information Assurance Engineer

@ Leidos | 6314 Remote/Teleworker US
View on infosec-jobs.com

SQL Database Admin - INT

@ General Dynamics Information Technology | USA AZ Fort Huachuca - 2133 Cushing St, Bldg 61801 (AZC012)
View on infosec-jobs.com

Network Engineer - Lead

@ QBE LLC | Arlington, VA, US
View on infosec-jobs.com

Cloud Managed Services Engineer

@ Versa Networks | Switzerland
View on infosec-jobs.com

Software Engineer - Microsoft Entra ID

@ BT Group | Snowhill, Birmingham, United Kingdom
View on infosec-jobs.com

Security Cloud Solution Architecture Manager

@ Microsoft | Issy Les Moulineaux, Hauts-de-Seine, France
View on infosec-jobs.com