Several sources indicate a XSS vulnerability in recent Splunk versions. I can find no reference to this issue on your site or in the change logs. Below are some recent examples of sites referring to this issue confirmed in a different Splunk version 6.1.1; our Nessus scanner is also hitting on it(by exploit test and not version check) against version 5.0.8.
cn.tenable.com/plugins/index.php?view=single&id=74243
www.securityfocus.com/bid/67655/info
packetstormsecurity.com/files/126813/Splunk-6.1.1-Cross-Site-Scripting.html
Does the Splunk team have a plan to address this vulnerability?
Hi lboyd,
Splunk Product Security is aware of this XSS referrer header vulnerability. Engineering has fixed the issue, and updates are coming soon in upcoming maintenance releases. Please stay tuned for more details.
Hi Robert,
The next maintenance release is in assurance testing and will be published soon. Splunk releases are cumulative, meaning that future releases will contain fixes to vulnerabilities, new features and other bug fixes. Please bear with us while we ensure the new bits work as expected across multiple platforms and configurations.
Is there an ETA when this fix will be released?
hi lboyd, someone from our prodsec team will be by soon to respond to your question.