Puppet Enterprise@1.0 Security Vulnerabilities and Issues — Puppet Enterprise@1.0 CVE List

Lucene search

PuppetPuppet Enterprise1.0

2 matches found

CVE•added 2014/03/14 4:55 p.m.•48 views

CVE-2012-0891

Multiple cross-site scripting (XSS) vulnerabilities in Puppet Dashboard 1.0 before 1.2.5 and Enterprise 1.0 before 1.2.5 and 2.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified fields.

4.3CVSS5.9AI score0.00263EPSS

CVE•added 2014/03/14 4:55 p.m.•44 views

CVE-2013-4963

Multiple cross-site request forgery (CSRF) vulnerabilities in Puppet Enterprise (PE) before 3.0.1 allow remote attackers to hijack the authentication of users for requests that deleting a (1) report, (2) group, or (3) class or possibly have other unspecified impact.

6.8CVSS7.8AI score0.00116EPSS