8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
31.7%
Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks. This would allow an attacker to redirect user input to an untrusted site or hijack a user session.
puppet.com/security/cve/CVE-2015-5686/