{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T11:12:48.125","vulnerabilities":[{"cve":{"id":"CVE-2013-2766","sourceIdentifier":"cve@mitre.org","published":"2013-04-10T15:55:15.327","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk 4.3.0 through 4.3.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."},{"lang":"es","value":"Vulnerabilidad de ejecución de comandos en sitios cruzados (XSS) en  Splunk Web en Splunk v4.3.0 hasta v4.3.5 que permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:4.3:*:*:*:*:*:*:*","matchCriteriaId":"908480B1-DB76-4F18-BBB4-51249A13E33B"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:4.3.1:*:*:*:*:*:*:*","matchCriteriaId":"D9A89B66-8C5B-4052-9778-5C0F805731D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:4.3.2:*:*:*:*:*:*:*","matchCriteriaId":"629590A4-B513-4ECF-8EDF-23FCCB44878B"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:4.3.3:*:*:*:*:*:*:*","matchCriteriaId":"934032DC-E305-4A7C-8DC6-BE0F4D7D82CF"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:4.3.4:*:*:*:*:*:*:*","matchCriteriaId":"91093837-AD2B-49B9-9BE9-8E78DD50F144"},{"vulnerable":true,"criteria":"cpe:2.3:a:splunk:splunk:4.3.5:*:*:*:*:*:*:*","matchCriteriaId":"DD8D602F-4527-46C7-A0A0-BF036E6D12BD"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/59038","source":"cve@mitre.org"},{"url":"http://www.securitytracker.com/id/1028371","source":"cve@mitre.org"},{"url":"http://www.splunk.com/view/SP-CAAAHSQ","source":"cve@mitre.org","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/59038","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.securitytracker.com/id/1028371","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.splunk.com/view/SP-CAAAHSQ","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}