Vulnerabilities > Puppet > Puppet Enterprise > 2017.3.5

DATE CVE VULNERABILITY TITLE RISK
2018-05-08 CVE-2018-6511 Cross-site Scripting vulnerability in Puppet Enterprise
A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Puppet Enterprise Console.
network
low complexity
puppet CWE-79
5.4
5.4
2018-05-08 CVE-2018-6510 Cross-site Scripting vulnerability in Puppet Enterprise
A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator.
network
low complexity
puppet CWE-79
5.4
5.4