CVE-2025-20385
BaseFortify
Publication date: 2025-12-03
Last updated on: 2025-12-05
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| splunk | splunk | From 9.2.0 (inc) to 9.2.10 (exc) |
| splunk | splunk | From 9.3.0 (inc) to 9.3.8 (exc) |
| splunk | splunk | From 9.4.0 (inc) to 9.4.6 (exc) |
| splunk | splunk | From 10.0.0 (inc) to 10.0.2 (exc) |
| splunk | splunk_cloud_platform | From 9.3.2411 (inc) to 9.3.2411.117 (exc) |
| splunk | splunk_cloud_platform | From 10.0.2503 (inc) to 10.0.2503.7 (exc) |
| splunk | splunk_cloud_platform | From 10.1.2507 (inc) to 10.1.2507.6 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-79 | The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in certain versions of Splunk Enterprise and Splunk Cloud Platform where a user with a high privilege role (admin_all_objects) can craft a malicious payload using the href attribute of an anchor tag within a navigation bar collection. This crafted payload can cause unauthorized JavaScript code to execute in the browser of another user.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized execution of JavaScript code in a user's browser, potentially allowing attackers to perform actions on behalf of the user or steal sensitive information accessible through the browser session. However, exploitation requires a user with high privilege to craft the malicious payload and a user interaction to trigger it.