CVE-2018-6510 - XSS Vulnerability in Puppet Enterprise Console
Posted May 1, 2018
Assessed Risk Level: Medium
CVSS 3 Base Score: 5.4
Previous versions of Puppet Enterprise 2017.3 were vulnerable to a XSS attack when special crafted query was sent to the Orchestrator.
Affected software versions:
- Puppet Enterprise 2017.3.x prior to 2017.3.6
- Puppet Enterprise 2017.3.6