PUBLISHED

CVE-2025-20297

Reflected Cross-Site Scripting (XSS) in Splunk Enterprise through the dashboard PDF generation component

Description

In Splunk Enterprise versions below 9.4.2, 9.3.4 and 9.2.6, and Splunk Cloud Platform versions below 9.3.2411.102, 9.3.2408.111 and 9.2.2406.118, a low-privileged user who does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the pdfgen/render REST endpoint that could result in execution of unauthorized JavaScript code in the browser of a user.

Reserved 2024-10-10 | Published 2025-06-02 | Updated 2025-06-02 | Assigner cisco


MEDIUM: 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)

Problem types

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Product status

9.4 before 9.4.2: affected
9.3 before 9.3.4: affected
9.2 before 9.2.6: affected
9.1 before 9.1.9: affected
9.3.2411 before 9.3.2411.102: affected
9.3.2408 before 9.3.2408.111: affected
9.2.2406 before 9.2.2406.118: affected

Credits

Klevis Luli, Splunk

References

advisory.splunk.com/advisories/SVD-2025-0601

cve.org (CVE-2025-20297)

nvd.nist.gov (CVE-2025-20297)

Share this page
https://cve.threatint.eu/CVE/CVE-2025-20297