Mr Hack

**Name of the Vulnerable Software and Affected Versions** Splunk Enterprise versions prior to 8.1.12 Splunk Enterprise versions prior to 8.2.9 Splunk Enterprise versions prior to 9.0.2 **Description** The issue allows a remote user with the "power" Splunk role to store arbitrary scripts, leading to persistent cross-site scripting (XSS). This affects instances where Splunk Web is enabled. **Recommendations** For versions prior to 8.1.12, update to version 8.1.12 or later. For versions prior to 8.2.9, update to version 8.2.9 or later. For versions prior to 9.0.2, update to version 9.0.2 or later.