CVE-2026-20255
Improper Input Validation through Classic Dashboards in Splunk Enterprise
CVSS Score
5.7
EPSS Score
0.0%
EPSS Percentile
0th
In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious classic dashboard that exfiltrates sensitive data to an external server. The vulnerability exists because URL validation on the external content dialog is incomplete, which can allow for requests to untrusted domains when a user interacts with a crafted dashboard.
| CWE | CWE-20 |
| Vendor | splunk |
| Product | splunk enterprise |
| Published | Jun 10, 2026 |
| Last Updated | Jun 10, 2026 |
Stay Ahead of the Next One
Get instant alerts for splunk splunk enterprise
Be the first to know when new medium vulnerabilities affecting splunk splunk enterprise are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
CVSS v3 Breakdown
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Affected Versions
Splunk / Splunk Enterprise
10.2 < 10.2.4 10.0 < 10.0.7 9.4 < 9.4.12 9.3 < 9.3.13
Splunk / Splunk Cloud Platform
10.3.2512 < 10.3.2512.13 10.2.2510 < 10.2.2510.15 10.1.2507 < 10.1.2507.23 9.3.2411 < 9.3.2411.132
References
Credits
Tony Tong (tongster)