A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: puppet

Published: 2018-05-08T18:00:00Z

Updated: 2024-09-16T17:37:42.972Z

Reserved: 2018-02-01T00:00:00

Link: CVE-2018-6510

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2018-05-08T18:29:00.403

Modified: 2022-04-12T18:31:15.543

Link: CVE-2018-6510

cve-icon Redhat

No data.