A vulnerability was found in Splunk Enterprise and Cloud Platform. It has been declared as problematic. The affected element is an unknown function of the component Relative URL Handler. Executing a manipulation can lead to open redirect. This vulnerability is tracked as CVE-2026-20256. The attack can be launched remotely.
| Vendor | Product | Versions |
|---|---|---|
| splunk | splunk enterpri | 10.2, 10.0, 9.4, 9.3, 10.3.2512, 10.2.2510, 10.1.2507, 9.3.2411 |
Updated description with new details, changed severity to HIGH, and marked the vulnerability as actively exploited.
Initial creation
