Several sources indicate a XSS vulnerability in recent Splunk versions. I can find no reference to this issue on your site or in the change logs. Below are some recent examples of sites referring to this issue confirmed in a different Splunk version 6.1.1; our Nessus scanner is also hitting on it(by exploit test and not version check) against version 5.0.8.
cn.tenable.com/plugins/index.php?view=single&id=74243
www.securityfocus.com/bid/67655/info
packetstormsecurity.com/files/126813/Splunk-6.1.1-Cross-Site-Scripting.html
Does the Splunk team have a plan to address this vulnerability?
... View more