CVE-2025-20367
BaseFortify
Publication date: 2025-10-01
Last updated on: 2025-10-08
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| splunk | splunk | From 9.2.0 (inc) to 9.2.8 (exc) |
| splunk | splunk | From 9.3.0 (inc) to 9.3.6 (exc) |
| splunk | splunk | From 9.4.0 (inc) to 9.4.4 (exc) |
| splunk | splunk_cloud_platform | From 9.2.2406 (inc) to 9.2.2406.122 (exc) |
| splunk | splunk_cloud_platform | From 9.3.2408 (inc) to 9.3.2408.119 (exc) |
| splunk | splunk_cloud_platform | From 9.3.2411 (inc) to 9.3.2411.109 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in certain versions of Splunk Enterprise and Splunk Cloud Platform where a low-privileged user without 'admin' or 'power' roles can craft a malicious payload using the dataset.command parameter of the /app/search/table endpoint. This crafted payload can lead to execution of unauthorized JavaScript code in the browser of another user.
How can this vulnerability impact me? :
The vulnerability can lead to execution of unauthorized JavaScript code in a user's browser, which may result in potential compromise of user sessions, data exposure, or other client-side attacks. Since the attacker only needs low privileges, it increases the risk of exploitation within affected environments.