Multiple cross-site scripting (XSS) vulnerabilities in Puppet Dashboard 1.0 prior to 1.2.5 and Enterprise 1.0 prior to 1.2.5 and 2.x prior to 2.0.1 allow remote malicious users to inject arbitrary web script or HTML via unspecified fields.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
puppet puppet enterprise 2.0.0 |
||
puppet puppet enterprise 1.0 |
||
puppet puppet enterprise 1.1 |
||
puppet puppet enterprise 1.2.0 |
||
puppet puppet dashboard 1.0.3 |
||
puppet puppet dashboard 1.2.3 |
||
puppet puppet dashboard 1.1.0 |
||
puppet puppet dashboard 1.1.1 |
||
puppet puppet dashboard 1.2.0 |
||
puppet puppet dashboard 1.2.1 |
||
puppet puppet dashboard 1.0.0 |
||
puppet puppet dashboard 1.0.4 |
||
puppet puppet dashboard 1.2.2 |
||
puppet puppet dashboard 1.2.4 |
Vulmon