CVE-2013-4963 (Cross-Site Request Forgery Vulnerability)

Posted August 15, 2013
Severity: Medium

Several pages were vulnerable to cross-site request forgery (CSRF), which can enable attackers to manipulate a logged-in user's browser to perform transactions on the user's behalf, such as deleting a report, group, or class.

Status

Affected Versions: Puppet Enterprise 2.x, 3.0.0
Resolved in Puppet Enterprise 3.0.1.

CVE-2013-4963 (Cross-Site Request Forgery Vulnerability)

Posted August 15, 2013

Severity: Medium

Status