CVE-2013-4968
Published: 11 December 2019
Puppet Enterprise before 3.0.1 allows remote attackers to (1) conduct clickjacking attacks via unspecified vectors related to the console, and (2) conduct cross-site scripting (XSS) attacks via unspecified vectors related to "live management."
Notes
Author | Note |
---|---|
sbeattie | affects Puppet Enterprise only |
Priority
CVSS 3 base score: 6.1