CVE-2025-20233
- EPSS 0.01%
- Published 26.03.2025 22:06:39
- Last modified 01.08.2025 18:03:30
In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the `chmod` and `makedirs` Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a...
CVE-2023-32714
- EPSS 32.58%
- Published 01.06.2023 17:15:10
- Last modified 21.11.2024 08:03:54
In the Splunk App for Lookup File Editing versions below 4.0.1, a low-privileged user can, with a specially crafted web request, trigger a path traversal exploit that can then be used to read and write to restricted areas of the Splunk installation d...
CVE-2023-32715
- EPSS 0.42%
- Published 01.06.2023 17:15:10
- Last modified 21.11.2024 08:03:54
In the Splunk App for Lookup File Editing versions below 4.0.1, a user can insert potentially malicious JavaScript code into the app, which causes that code to run on the user’s machine. The app itself does not contain the potentially malicious JavaS...