Tag
A user with access to the `_internal` index or the `mcp_tool_admin` capability in Splunk MCP Server app versions below 1.0.3 can view user session and authorization tokens in clear text, leading to potential credential compromise.