Medium severity5.4NVD Advisory· Published May 8, 2018· Updated Jun 17, 2026
CVE-2018-6510
CVE-2018-6510
Description
A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator. Affected releases are Puppet Puppet Enterprise: 2017.3.x versions prior to 2017.3.6.
Affected products
22017.3.x < 2017.3.6+ 1 more
- (no CPE)range: 2017.3.x < 2017.3.6
- (no CPE)range: 2017.3.x
Patches
Vulnerability mechanics
References
1- puppet.com/security/cve/CVE-2018-6510nvdVendor Advisory
News mentions
0No linked articles in our index yet.