A significant security vulnerability in the Splunk Enterprise platform could allow low-privileged attackers to execute unauthorized JavaScript code through a reflected Cross-Site Scripting (XSS) flaw. The vulnerability, tracked as CVE-2025-20297, affects multiple versions of Splunk Enterprise and Splunk Cloud Platform, prompting the company to issue immediate security updates. The reflected XSS vulnerability resides within Splunk […]
The post Splunk Enterprise XSS Vulnerability Let Attackers Execute Unauthorized JavaScript Code appeared first on Cyber Security News.
This article has been indexed from Cyber Security News