JavaScript Execution Vulnerability in Splunk Enterprise and Cloud Platform
CVE-2025-20368

5.7MEDIUM

Key Information:

Vendor: Splunk
Status: Splunk Enterprise; Splunk Cloud Platform
Vendor: CVE Published:; 1 October 2025

What is CVE-2025-20368?

A vulnerability in Splunk Enterprise and Splunk Cloud Platform allows low-privileged users to exploit error messages and job inspection details from saved searches. This could enable them to craft a malicious payload, potentially leading to unauthorized JavaScript execution in a user's browser, compromising the security of sensitive information.

Affected Version(s)

Splunk Cloud Platform 9.3.2411 < 9.3.2411.108

Splunk Cloud Platform 9.3.2408 < 9.3.2408.118

Splunk Cloud Platform 9.2.2406 < 9.2.2406.123

References

https://advisory.splunk.com/advisories/SVD-2025-1003

CVSS V3.1

Score:

5.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Oct 10, 2024

Credit

Danylo Dmytriiev (DDV_UA)

JSON