Overview

CVE-2013-4491 (XSS vulnerability in Ruby on Rails)

  • Posted December 26, 2013

  • Assessed Risk Level: Medium

An XSS vulnerability in the translation helper allows remote attackers to add web script or HTML that triggers generation of a fallback string in the i18n gem.

Status

  • Affected Versions: Puppet Enterprise 3.x
  • Resolved in Puppet Enterprise 3.1.1