Summary
This host is running Splunk and is prone to Cross-Site Scripting vulnerability.
Impact
Successful exploitation will allow attackers to execute arbitrary web script or HTML in a user's browser session in the context of an affected site.
Impact Level: Application
Solution
Upgrade to Splunk version 4.1.3 or later,
For updates refer to http://www.splunk.com/download
Insight
The flaw is caused by improper validation of user-supplied input passed via the 'Referer' header before being returned to the user within a HTTP 404 error message when using Internet Explorer.
Affected
Splunk version 4.0 through 4.1.2
References
Severity
Classification
-
CVE CVE-2010-2429 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities