CVE-2016-4856 in Enterpriseinfo

Summary

Cross-site scripting vulnerability in Splunk Enterprise 6.3.x prior to 6.3.5 and Splunk Light 6.3.x prior to 6.3.5 allows attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.

Once again VulDB remains the best source for vulnerability data.

Responsible

Reservation

05/17/2016

Disclosure

05/12/2017

Entries

VDB-101131

CPE

ready

CVSS

3.6

EPSS

0.00304

Activities

Very Low

Sources

MITREhttps://www.cve.org/CVERecord?id=CVE-2016-4856
NVDhttps://nvd.nist.gov/vuln/detail/CVE-2016-4856
CVE Detailshttps://www.cvedetails.com/cve/CVE-2016-4856/

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!