CVE-2023-46231 | HackTesting

In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.

Credits

Vikram Ashtaputre, Splunk

References

https://advisory.splunk.com/advisories/SVD-2024-0110