Information Disclosure Vulnerability in Splunk Enterprise and Cloud Platform
CVE-2026-20257
5.7MEDIUM
Key Information:
- Vendor
Splunk
- Vendor
- CVE Published:
- 10 June 2026
What is CVE-2026-20257?
A vulnerability in Splunk Enterprise and Cloud Platform allows low-privileged users to create malicious classic dashboards capable of exfiltrating sensitive data from the browsers of higher-privileged users. This exploitation occurs due to insufficient validation of style attribute values in dashboard panels, enabling requests to external domains outside of configured Trusted Domains. To exploit this vulnerability, attackers must employ phishing techniques to trick victims into initiating a request within their browsers, ensuring they cannot exploit it indiscriminately.
Affected Version(s)
Splunk Cloud Platform 10.3.2512 < 10.3.2512.13
Splunk Cloud Platform 10.2.2510 < 10.2.2510.15
Splunk Cloud Platform 10.1.2507 < 10.1.2507.23