From 865777ad01a08e38cdcaa15ef5b9f13bd82f4070 Mon Sep 17 00:00:00 2001
From: Goby <50955360+gobysec@users.noreply.github.com>
Date: Mon, 27 Nov 2023 11:05:49 +0800
Subject: [PATCH] Update GobyVuls-Document.md

---
 GobyVuls-Document.md | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/GobyVuls-Document.md b/GobyVuls-Document.md
index a9a596c..13b5c46 100644
--- a/GobyVuls-Document.md
+++ b/GobyVuls-Document.md
@@ -1,7 +1,23 @@
 # Goby History Update Vulnerability Total Document (Continuously Update) 
 The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing.
 
-**Updated document date: November 15, 2023** 
+**Updated document date: November 27, 2023** 
+
+
+## Splunk Enterprise XSLT Command Execute Vulnerability (CVE-2023-46214)
+
+|   **Vulnerability**  | Splunk Enterprise XSLT Command Execute Vulnerability (CVE-2023-46214)  |
+| :----:   | :-----|
+|  **Chinese name**  | Splunk Enterprise XSLT 命令执行漏洞（CVE-2023-46214）	 |
+| **CVSS core**  | 	8.0 |
+| **FOFA Query**  (click to view the results directly)| [app="splunk-Enterprise"](https://en.fofa.info/result?qbase64=Ym9keT0iX19zcGx1bmtkX3BhcnRpYWxzX18iICB8fCAoaGVhZGVyPSJTZXQtQ29va2llOiBzcGx1bmt3ZWJfdWlkPSIgJiYgYm9keT0iZW50ZXJwcmlzZSIp)|
+| **Number of assets affected**  | 134567 |
+| **Description**  | Splunk Enterprise is a data collection and analysis software developed by Splunk Corporation in the United States. This software is mainly used for collecting, indexing, and analyzing the data it generates, including data generated by all IT systems and infrastructure (physical, virtual machines, and cloud).Splunk Enterprise has a command execution vulnerability that does not securely clean up user provided Extensible Stylesheet Language Transformations (XSLTs). Attackers can exploit this vulnerability to upload malicious XSLTs and remotely execute commands on Splunk Enterprise instances. |
+| **Impact** | 	Splunk Enterprise has a command execution vulnerability that does not securely clean up user provided Extensible Stylesheet Language Transformations (XSLTs). Attackers can exploit this vulnerability to upload malicious XSLTs and remotely execute commands on Splunk Enterprise instances. |
+
+![](https://s3.bmp.ovh/imgs/2023/11/27/4f67b965b611da68.gif)
+
+
 
 ## SysAid userentry file upload vulnerability (CVE-2023-47246)