Adam Bell

**Name of the Vulnerable Software and Affected Versions** Splunk Enterprise versions 5.0.x through 5.0.9 Splunk Enterprise versions 6.0.x through 6.0.6 Splunk Enterprise versions 6.1.x through 6.1.3 **Description** A cross-site scripting (XSS) issue exists in the Dashboard of Splunk Web, allowing remote attackers to inject arbitrary web script or HTML. **Recommendations** For versions 5.0.x through 5.0.9, update to version 5.0.10 or later. For versions 6.0.x through 6.0.6, update to version 6.0.7 or later. For versions 6.1.x through 6.1.3, update to version 6.1.4 or later.