CVE-2010-2503 Information

Description

Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow remote attackers to inject arbitrary web script or HTML via (1) redirects aka SPL-31067; (2) unspecified \user-user or user-admin\ vectors aka SPL-31084; or (3) unspecified \user input\ aka SPL-31085.

Reference

http://www.splunk.com/view/SP-CAAAFGD