Information Disclosure Vulnerability in Splunk Enterprise and Cloud Platform
CVE-2026-20257

5.7MEDIUM

Key Information:

Vendor

Splunk

Vendor
CVE Published:
10 June 2026

What is CVE-2026-20257?

A vulnerability in Splunk Enterprise and Cloud Platform allows low-privileged users to create malicious classic dashboards capable of exfiltrating sensitive data from the browsers of higher-privileged users. This exploitation occurs due to insufficient validation of style attribute values in dashboard panels, enabling requests to external domains outside of configured Trusted Domains. To exploit this vulnerability, attackers must employ phishing techniques to trick victims into initiating a request within their browsers, ensuring they cannot exploit it indiscriminately.

Affected Version(s)

Splunk Cloud Platform 10.3.2512 < 10.3.2512.13

Splunk Cloud Platform 10.2.2510 < 10.2.2510.15

Splunk Cloud Platform 10.1.2507 < 10.1.2507.23

References

CVSS V3.1

Score:
5.7
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Tony Tong (tongster)
.