OpenProject is web-based project management software. For any OpenProject installation, a `robots.txt` file is generated through the server to denote which routes shall or shall not be accessed by cra ...
June 01, 2023
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capabi ...
June 01, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform versions below 9.0.2303.100, a low-privileged user can trigger an HTTP response splitting vulnerability with th ...
June 01, 2023
In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine tha ...
June 01, 2023
In the Splunk App for Lookup File Editing versions below 4.0.1, a user can insert potentially malicious JavaScript code into the app, which causes that code to run on the user’s machine. The app ...
June 01, 2023
On Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, and in Splunk Cloud Platform versions below 9.0.2303.100, an unauthorized user can access the `/services/indexing/preview` REST endpoin ...
June 01, 2023
In Splunk Enterprise versions below 9.0.5, 8.2.11, and 8.1.14, an attacker can use a specially crafted web URL in their browser to cause log file poisoning. The attack requires the attacker to have se ...
June 01, 2023
In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and writ ...
June 01, 2023