Stored Cross-Site Scripting Vulnerability in Splunk Enterprise and Cloud Platform
CVE-2026-20258

7.1HIGH

Key Information:

Vendor

Splunk

Vendor
CVE Published:
10 June 2026

What is CVE-2026-20258?

In versions of Splunk Enterprise and Splunk Cloud Platform prior to specified updates, a low-privileged user can embed a malicious script within a classic dashboard HTML panel. This may lead to unauthorized JavaScript execution in the browsers of other users, especially through phishing attempts that prompt victims to execute requests in their browsers. It is crucial for organizations using affected versions to review and apply the appropriate security updates as specified in the advisory to mitigate potential risks.

Affected Version(s)

Splunk Cloud Platform 10.3.2512 < 10.3.2512.11

Splunk Cloud Platform 10.2.2510 < 10.2.2510.15

Splunk Cloud Platform 10.1.2507 < 10.1.2507.23

References

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Tony Tong
.